A Next Generation Cryptographic Commerce Protocol
1. Introduction 2. The Problem 3. Proof-of-Timelock 4. Blockchain 5. Creating Timelocks 6. Timelock Suicide 7. Trusted Agents 8. Mining & Forging 9. Distribution (Proof-of-Referral) 10. Decentralized Exchange 11. Universal Messaging 12. Types of Transactions
This whitepaper outlines a potential solution for eliminating the counterparty risk associated with p2p transactions, especially in an anonymous network.
Bounty.Exchange aims to solve this through a distributed, open trade ledger which facilitates p2p commerce (digital goods, physical goods, services & data) across an anonymous, trust-less network.
A secondary goal of BNTY is to create a global commerce ledger - allowing anyone to instantly bootstrap a marketplace with both supply and demand. This will end the chicken and egg struggle for new entrants, forcing competition through innovation in contrast to juggernauts with network effects running a practical monopoly.
Essentially, the value of sharing economy companies (eBay, Craigslist, Uber, Lyft, AirBnB) is their network - they've reached a critical mass where supply meets demand and the marketplace is liquid. The underlying technology powering their their platforms can be replicated easily - but buyers go where the supply is, and suppliers go where the buyers are. The key piece of proprietary data each network has to their advantage is their ratings system. Starting a new marketplace with no reputation data is difficult. When you have no buyers, nobody will sell on your marketplace, and when you have no sellers, nobody will buy on your marketplace. Vicious circle.
A trustless, distributed ledger for global commerce will enable innovation based competition, allowing developers to focus on building solutions to non-trival technical & design problems rather than bootstraping a marketplaces' liquidity & trust. Bounty.Exchange will give developers the tools necessary to instantly create a fully liquid, trustworthy, global, local, niche marketplace.
With the rise of the sharing economy, commerce on the internet has come to rely almost exclusively on 3rd party marketplaces to mediate the counterpart risk associated with p2p transactions.
While this system of ‘marketplaces’ works well for most transactions, it still suffers from weaknesses in its feedback / reputation model. It’s fairly easy for bad actors to break the system by creating fake identities, using stolen credit cards, executing chargebacks, and manipulating feedback ratings.
The cost of protecting against all these factors leads to increased transaction costs, while simultaniously stifling overall innovation by creating huge overhead for new entrants looking to gain market-share.
In addition, buyers and sellers are locked into the marketplace they select. A user may be looking to sell a 1965 bicycle on eBay, while another user on Craigslist is looking to buy a 1965 bicycle. This transaction is never executed because the listing data is protected in isolated silohs.
What's needed is an open commerce ledger based on a system of cryptographic trust. The solution proposed in this whitepaper is to create such a system in the form of Mutual Timelock Collateral.
Due to the incentives of such a system, both parties entering into a p2p transaction can remain completely anonymous, but can also be fully trusted by the other party unless they want to leave the transaction with a net loss. The way this is done is through proof-of-timelock.
The fundamental goal of BNTY is to align incentives for p2p transactions so that any rational actor will not enter a transaction unless they plan to fufil their obligation.
If someone enters a transaction with the intent to defraud, the only possible outcome is a net loss.
This is done through mutual timelock collateral - where both parties send some amount of money to the future, and this is used as collateral against their purchase / sale in the present.
In order to execute a transaction on the network, you would need to have an equal amount of funds locked away in the future. Should either party not deliver, the result would be a net loss for both parties involved.
BNTY uses a combination of proof-of-work and proof-of-timelock to vaildate the network.
Similar to the Bitcoin blockchain, BNTY is a peer-to-peer distributed timestamp server which generates a computational proof for the chronological order of data objects. The proof-of-work algorithm in BNTY is used as a way to calculate time, and will have a constant difficulty of 10 minutes per block.
At the creation of the BNTY network (Genesis Block), every block that will ever exist is generated, chronologically, using the hash of the previous block to encrypt the next (merkel tree). A unique signing key is also generated & encrypted within each future block. After Genesis, POW miners work to solve / decrypt the most recent block using their computing power. Every 10 minutes, 1 new block is decrypted.
POW miners must work on the current block, because each block is encrypted using the previous blocks hash. If the network is on block 151, you can't skip to decrypt 200 because you need the hash from 199. You cant decrypt 199 because you need the hash from 198, etc.
The proof-of-work miners collect new transactions, bounties, messages, feedback & timelocks to create new blocks. Once a POW miner decrypts a block, they are essentially the first person in history seeing the unique signing hash associated with that block.
When timelocks are created, a user will select a block in the future for their timelock to mature on, and they'll send the funds to the specified address. This timelocked transaction can only be moved once the signing key is added, and the key for this transaction can only be found after decrypting the block that the timelock was set to expire on. A timelock created & set to end on block 898 can only be released with a signature from the hash found in block 898.
Once the POW miner finds a solution to a block, they take the unique signing hash and gain control of the timelocked funds (in their non-verified version of the blockchain). Since there is a well cemented history of what timelocks should be released at what block, the POW miner can't keep these coins or award himself more than he should. If he does, when he sends the new proposed block to be validated by the proof-of-timelock nodes, his new block won't match what the past blocks say should happen.
Essentially, since the nodes already agree on what the past says should happen in the future, they can verify what should happen in the present.
Miners are responsible for honoring Timelocks, & collecting Transaction Fees. If the first POW miner doesnt create a valid block because they try to give themselves more, the next miner to solve the POW will end up creating a valid block and collecting the fees.
Once the new block is proposed, it's propogated to the proof-of-timelock nodes for validation. After 51% of the active POT nodes agree on the new block, it's deemed verified and POW work on the next block begins.
Proof-of-timelock is similar to proof-of-stake but with an added component. In proof of stake, your stake, or wealth, is what determines your power on the network. With BNTY, it's not simply your wealth, but the portion of your wealth that you're willing to put at risk in the network to secure it.
So, a nodes' forging stake in a proof-of-timelock system is equal to the amount of funds they have in timelock relative to the all the funds in timelock. A user may have 5,000 BNTY in their account, but they will not participate in POT forging with this amount unless they put it into timelock. Only the portion of funds in timelock count towards a nodes proof-of-stake.
Timelocks can be created for any block in the future. If you send 100 BNTY into the timelock, you can purchase and sell things up to 100 BNTY.
Your total pending transaction amount cannot go above your total amount in timelock. If you have 100 BNTY timelocked, you can purchase 1 item for 100 BNTY, or 10 items for 10 BNTY, or sell an item for 50 BNTY and buy 5 items at 10 BNTY. You cannot transact (buy or sell) above 100 BNTY.
If you want to purchase an item for 90 BNTY, you'll send 90 BNTY to escrow, and a 90 BNTY line of trust is extended from your existing 100 BNTY in the timelock. With this 90 BNTY transaction pending, your total available trust will be 10 BNTY. Once a transaction is complete & the escrow'd payment is released to the seller, both the buyer & sellers 90 BNTY line of trust are allocated back to their total buying / spending power.
In addition, 4,320 blocks before your timelock expires (30 days), your trust is moved to 0. This means even if you have 100 BNTY in Timelock, with 29 days left, you have 0 BNTY purchasing / selling power. This allows time for pending transactions to complete before the Timelocked funds are sent back to your account.
So far we've looked at how the system works when everything goes right, but what about when one or both of the users entering the transaction intend to act fradulently.
The first scenario we can look at is a legitmate buyer & a fraudulent seller. The buyer puts 250 BNTY into escrow for a product, the seller doesn't deliver.
In this scenario, the buyer will first ask for a refund, hoping to move the 1:1 escrow to 2:0 (agreement, return funds). If not, the buyer can time-lock suicide. The buyer will lose their escrow'd funds (250 BNTY) + the funds in timelock (250 BNTY), and the seller will lose their timelocked funds as well (250 BNTY). The buyer loses 500 BNTY, and the seller loses 250 BNTY. If the seller simply initiated a refund, they would leave the transaction breaking even, instead of losing 250 BNTY by waiting for a timelock suicide.
The second scenario is a legitmate seller, with a scamming buyer. The seller ships an item, buyer pretends he didnt get it. In this scenario, if the seller was legitmate and actually shipped the item, then the buyer really has no incentive to lie.
Either he can release the payment to the seller which is already locked in escrow, or he can wait for the seller to time-lock suicide. If the buyer purchased a 250 BNTY item, received it, and doesn't release the funds from escrow, they're at risk of losing a total of 500 BNTY on a 250 BNTY purchase. If they simply release the payment, then there is no risk of them losing both their escrow and timelock.
The one edge-case is dealing with irrational users / trolls.
If someone is willing to lose money via timelock_suicide just to see someone else lose money, then there's nothing you can really do. A feedback system should easily weed out psychos.
Lets say you want to buy something for 100 BNTY, but don't have 100 BNTY to put up for the TimeLock. This is where trusted agents come in.
In exchange for a percentage on top of the transaction, a trusted agent can extend you a line of trust. This arbitor would likely have large amounts of funds in Timelock and would loan out their trust to multiple parties.
One use-case are transactions where people can't afford to have a trust line of 1,000 BNTY on a 1,000 BNTY purchase. They may have enough to purchase the item, but not enough to temporarily match it in collateral. In this scenario, the buyer would reach out to a trusted agent for a 1,000 BNTY trust line.
The agent, buyer & seller enter into a smart contract that releases funds to the appropriate parties once all 3 agree. The buyer would send 1,000 BNTY to escrow to activate the contract.
This also works for large amounts, where an indiviudal wants to purchase a 10m BNTY yacht. The buyer won't want to have to put up 10m BNTY, and the seller wont want to timelock that much either. They may not have that kind of liquidity. Both can use an trusted agent which will extend a 10m BNTY trust line (to each), while collecting a percentage of the transaction. The trusted agent will likely collect additional personal information from the party they're trusting in order to secure the loan, but that's up to them.
Larger lines of trust will likely come with larger fees. Existing feedback may also play a factor in agent fees. In a successful transaction, the trusted agent makes a percentage, and will still receive their TimeLocked funds sometime in the future. The business model here is similar to an insurance agency.
Mining & Forging
BNTY uses both POW and POS, meaning there is both a mining and forging component.
POW Miners are addresses with at least 10 BNTY in timelock and actively on the network. In exchange, POW miners collects the transaction fees from their solved block, as well as any funds left over as a result of timelock_suicides.
For example, if a user timelocks 500 BNTY to mature on block 900, and then enters into a transaction for 100 BNTY that goes south (timelock suicide), when block 900 is mined and the timelock is released, the miner will send only 400 BNTY back. The 100 BNTY that was lost in the timelock_suicide is collected by the POW miner of that block.
Similar to proof-of-stake, in proof-of-timelock we call mining - 'forging'. Forgers are stakeholders with money at risk on the network. They don't want to validate a false block because they have the most to lose. Since Forgers have made a 'bet' on the network, they receive a dividend each time the network grows.
The mechanics underlying this dividend are outlined below in the Distribution Strategy.
Arguably the most difficult part of a new cryptocurrency is creating a fair, even distribution strategy.
Bitcoin uses proof of work, NXT uses IPO, CounterParty uses Proof-of-Burn, and there are many alternative ideas floating around. The solution for BNTY is interesting, as it hasn't been discussed much.
BNTY will use a proof-of-referral distribution strategy. Each address that is created on the BNTY network is inactive. The address will need a minimum of 10 BNTY in timelock to become activated. To get 10 BNTY, an existing user must 'fund' your account by sending you 10 BNTY.
This initial 10 BNTY is used to 'activate' your account, and is automatically put into a timelock set to expire on the last block of the blockchain, meaning the coins are essentially locked forever. This makes funding new accounts a non-profitable process. In addition, the overall currency in the network would decrease by 10 BNTY every time somone is referred, which doesn't seem ideal.
To counter-act this and align incentives, two key systems are put into place. The first relates back to the proof-of-trust forgers.
In exchange for trusting the network (and increasing the trust of the network by locking funds), POT nodes will receive a dividend for each new user 'activated' on the network. For each new account funded (10 BNTY), 5 BNTY is created by the network and distributed proportionally to all active POT nodes. An active POT miner who put up 5% of all the funds in timelocked would receive a .25 BNTY for each new user on the network.
The second system is called an Auto-Bounty, and it will be the core distribution mechanism for BNTY. Since the amount of BNTY 'in circulation' is static, the initial amount of coins isn't hugely important. The UN expects there will be 8 billion humans by 2024, so lets go with 80 billion total BNTY. The reason for this is that each created account locks away 10 BNTY forever, so the total number of accounts possible in our system would be 8 Billion (8 billion addresses + 10 BNTY = 80B).
Ultimately, if every single address gets funded with 10 BNTY, there will be a total of 160 billion BNTY, with 80 billion in circulation, and 80 billion locked in the last block.
The way the initial distribution will work is as follows. 10% of the initial coins will go to the creator(s) of the BNTY project. 10% of the initial coins will be given away for free to Bitcoin users. By uploading the blockchain, BTC users can claim their proportional percentage of BNTY. This gives some liqiudity to the network, and also gets it in the hands of early adopters. The final 80% of the coins are used to fund the Auto-Bounty, which will give us an even distribution of coins.
For each account a user funds (10 BNTY), the Auto-Bounty will reward them 5 BNTY (proof-of-referral). This means as you invite more people, the coins are getting more broadly distributed, and the network is getting more secure.
From a Sybil attack perspective, even if you own 100% of the timelock in the network, creating sockpuppet accounts is a zero sum game. It costs 10 BNTY to activate and thats gone forever, then you get back 5 BNTY from the Auto-Bounty, and 5 BNTY from the dividend. Even in the best case scenario (100% ownership), a sybil attacker can only waste their time. As more POT Forgers join the network, their dividend will decrease, giving the attacker a net loss.
Ultimately, referring a user will cost a very small amount of BNTY, however, users are essentially trading a small piece of currency for increased trust in the network. Even though it 'costs' you money in one sense, the benefits you gain from this sacrafice are much greater.
In order to facilitate transactions across multiple fiat currencies and cryptocurrencies, BNTY will feature a decentralized exchange. Similar to NXT, Ripple & Stellar, this will act as a way to easily convert from 1 . If a user is purchasing an item and wants to use BTC but the seller only accepts USD, the network could execute two trade orders - the first BTC --> BNTY which is then sent to escrow, and when the funds are released, a market order for BNTY --> USD is executed.
This will allow BNTY to act as a protocol behind the scenes, and users can transact in any store of value they please. The price of BNTY will likely increase as more users are added to the network and more funds are timelocked.
In addition to an open leder of bounties, it's important to facilitate messaging between users as well. If an item is listed via Marketplace 1, and a buyer is found via Marketplace 6, these two users need some common ground to share messages & complete the transaction.
BNTY will feature a universal messaging system, which will allow users to communicate cross-platform.
Because all users can be anonymous, all messages on the BNTY network will be public data. This promotes the philosophy that while you're engaging in p2p commerce, don't do or say anything you wouldn't want other people to have access to.
This may help with social engineering attacks, as well as creates a level of social accountability within the community and promotes others to learn from previous users mistakes.
Lastly, I think it would be extremely interesting to analyze the process of commerce, what works, what doesn't, the linguistics behind success in economies / marketplaces, and many other potentially insightful dynamics occuring within our human culture.
Types of Transactions
Transactions on the Bounty.Exchange can be broken down into 4 unique types: digital goods, physical goods, services, & data.
All transaction types are goverend by the same basic rules, but slightly different information is collected for each type. Basic information required for all transactions include Title, Description, Category, Bounty, Keywords, Quantity, Conversion, & Bid Type. Most of these can be generated automatically by a service provider.
Location is useful for most transactions, however it doesn't really apply to digital goods. The difference between digital goods and data is digital goods exist exclusively online, while data is usually a hybrid of online + offline.
Data transactions will create a new sub-set of commerce on-top of the Internet of Things & Sensor Devices. Users and/or developers will be able to sell sensory data, in real time, to other devices with matching criteria.
For example, I can choose to sell access to my phones Push Notifications for 20 BNTY. A local resturant could search the BNTY network for transactions within 10 miles of their location. If your bounty is within 10 miles (matches resturants criteria), they may purchase access to your push notifications.
Through this common network, with enough traction, we may see a platform for the seamless transfer of data between all IoT devices. It would be possible to create a bounty with a minimal cost (.01 BNTY -- basically free), allowing anyone to access that particular packet of data for close-to-nothing.
As I walk into a hotel lobby, a new bounty could be automatically created with my location, and a few personal pieces of data embedded (via some 3rd party app). The hotel could constantly search the blockchain for bounties with their hotel location. When they see my .01 BNTY at their location, they bid the bounty price.
After the bid is accepted (auto or reviewed), the hotel would be sent a packet of data saying my name is John, I'm recovering from ankle surgery, my ideal room temperature is 79 degrees, I just finished a hike, and I'm looking for dinner recommendations for tonight.
The hotel can extract valuable insights from this data and easily enhance my overall experience. They can offer me a room on the lower floor (ankle), set my room to 79 degrees, put a free waterbottle on the pillow, and up-sell me on a resturant for dinner.
In addition, other nodes searching the network can bid on this .01 BNTY. A resturant 3 blocks away could know the hotel is a hot-spot for new customers. They can search for bounties at that location, and bid for access.
For the resturant, this is teaser-data. If they want to contact you, they still need to purchase your 20 BNTY Push Access bounty - the initial .01 BNTy is simple free targeting data that you're willing to give away because you're currently anonymous.
This essentially provides the devices around you with some context.
If the resturant gets the teaser-data and see's you're a good match, they can buy your push access bounty and send 1 customized message, something along the lines of "Hey John! Hungry after that hike? Our resturant is 2 blocks away - we have the best steak you've ever tasted. If you want to try it out, we'll give you a 20% discount."
Digital good transactions include ebooks, 3d files, songs, videos, movies, pictures, & files. Digital Goods transactions do not require a location.
Physical Goods transactions include products like chairs, cars, bikes, books, DVD's, antiques, and collectables. Physical goods require a location, and while users can spoof their location to 0.0, 0.0, they are still bound by the mutual timelock collateral.
Services transactions include cab driving, food delivery, house rentals, laundry, etc.