Tue Nov 03, 2015 6:31 pm

Since you cannot trust any of the peers in the system, and you cannot trust the sender of the item to ship the real thing, I can see a few risks that would have to be addressed. For example, the sender not sending the goods, the sender sending a brick, a node stealing the goods, a node stealing the goods and replacing it with a brick, a bad actor opening the package and inserting a GPS tracking device and relaying. I'm sure there are others, but if this is what comes to mind immediately.

Is the sender aware of the physical address of each node in the route? Or is the next node's address only decryptable by the one before it? A node would need to be 'clean' (it can build no reputation) for each transaction, otherwise a map of nodes and physical addresses could be made. Presumably, there would be fewer nodes than packages being transmitted, so a node that receives hundreds of packages would likely be a node, and a "node" that only receives one would be the end point. If nodes forward to physical addresses frequently, he could write down the address of this node. I guess I am saying: this system would work best if everyone who sends and/or receives packages takes part in this system - for some time before and after receiving a package. It cannot really be a one-time deal.

Since you are protecting against government spying, you would need to protect against a government agent setting up tens or hundreds of relay nodes. They would know about each other, so would only have to investigate unknown addresses. You would also need to protect against tagging/tracing the package - through RFID labels, GPS loggers, etc, that could be inserted into or onto the package. Now, it is not 'multiple packages that get sent one time', but 'one package that gets sent multiple times'. I'm not sure how you would protect against that. You'd not want every node to open the package, examine it, put it in the microwave for 10 seconds to destroy electronics, repackaging it in different material and mailing it... but besides that I am not sure what would suffice. This approach is providing an entrance point for the entity you are trying to exclude.

Not to mention that, in the event that a government controlled node is the first node, the USPS database would show where it was mailed from. This may not lead to the sender (if he was careful), but it could be combined with other information sources. At the very least, it could get examined for fingerprints (or would you mail items with gloves? The USPS would find that strange in summer!).

Are you talking about a 2/2 multisig contract between sender and receiver? Let's assume the value of the goods are 1 BTC, so the sender and the receiver each put 1 BTC in this 2/2 multisig address (2 BTC total). The exposure for the sender is 2 BTC (1 BTC for the goods, and 1 BTC for the bond), and the exposure for the receiver is 1 BTC (for the bond).

I'm not sure what you mean with "The public key would not be included in this contract" as the multisig address would require the public key for both parties for it to be created. Are you referring to a 2/2 multisig address, where a transaction is signed (outputs specified) by one of the parties but not both? Or are we talking about different things here?

If the node puts 1 BTC (in our example) up as a bond - what guarantee does he have that he is not sent a brick? How can he force the release of funds after he has sent it? Is he at risk, if he sends it but a node somewhere down in the chain does not send it? What happens when the package is authentically lost?

The sender must know the address of each node. If the government agency is the sender, they would be able to build a map of the system. If they keep doing it, at some point they would have found most of the nodes that relay. After that, they can act as a relay and find the end points.

I'm still a bit fogged as to what kind of transaction this is.

Another concern I would have, if I was a sender, I would have to ship the item (1 BTC invested), pay the bond (another 1 BTC invested), assuming 5 nodes: pay 5x the bond per node (5 BTC invested): so I am risking 7 BTC. If a customer wanted to destroy me, he would order things with different aliases (or hacked accounts), pay 1 BTC per transaction himself (which he would lose), and I would lose 7 BTC as a sender, and nodes would be collateral and lose 5 BTC in total (and demotivate them). Quite a multiplier.





First class mail inside the US is protected, unless the postal service has a search warrant:

https://postalinspectors.uspis.gov/contactUs/faq.aspx



... so why doesn't the sender just send directly via first class mail? The fewer people who know about the transaction, the more privacy. What stops one of the intermediate senders from opening up every package and then creating a nice little database of who received, what, when? (before packing it back up and sending it along, so they get their commission/deposit back)



If there is a search warrant or the package comes from overseas, and the package contains something illegal, I don't think law enforcement will care much if the intermediate sender/receiver says "I had no idea what was in it, I was just going to pass it along." I am not a lawyer, but either "conspirator" or "accessory to a crime" might stick.



Delivery by private drone to anonymous GPS coordinates is just about the only anonymous physical delivery system I can think of that would have a chance of working. And even that is easily defeated by a little bit of physical surveillance at the drop site. Maybe the drop site could be off the coast, where your private submarine is waiting to take delivery and then skeedaddle.... It's not clear to me what problem you're trying to solve, or what attack you're trying to prevent.First class mail inside the US is protected, unless the postal service has a search warrant:... so why doesn't the sender just send directly via first class mail? The fewer people who know about the transaction, the more privacy. What stops one of the intermediate senders from opening up every package and then creating a nice little database of who received, what, when? (before packing it back up and sending it along, so they get their commission/deposit back)If there is a search warrant or the package comes from overseas, and the package contains something illegal, I don't think law enforcement will care much if the intermediate sender/receiver says "I had no idea what was in it, I was just going to pass it along." I am not a lawyer, but either "conspirator" or "accessory to a crime" might stick.Delivery by private drone to anonymous GPS coordinates is just about the only anonymous physical delivery system I can think of that would have a chance of working. And even that is easily defeated by a little bit of physical surveillance at the drop site. Maybe the drop site could be off the coast, where your private submarine is waiting to take delivery and then skeedaddle....

Interesting, but I think such a project will be more effective if it leverages existing reputation systems and legal structures. Look at the benefits of Uber and AirBnb, and how they achieve impact. Anything that challenges laws in a subversive manner is going to face the nation states power. What makes much more sense in my opinion is to thing about how supply chains could be improved by interfacing with what exists, or focus on cross-border trade and transactions. These kinds of things are very general problems to be solved. Most likely there will be some interface with existing laws (the SC will be localized in some way).

Thanks for the responses.Before I start addressing the different points brought up, I'd like to clarify something I was hinting at in the original post: The important algorithm is the Death Note Incentive System I described. The Anonymizing of the U.S.P.S. is just a high level application of this algorithm. I found it easier to describe the algorithm via an example, and I'm hoping people will pick it up indirectly.It's important to realize that this (DNIS) is based on game theory in economics. Which basically means that it's designed in such a way that each person's individual greedy/selfish/non-altruistic motives align perfectly with the best possible outcome for all parties collectively involved in the system. If you imagine yourself to be any party involved in the system, at any given time within the execution of the system, you have one possible rational decision you can make - complete your task. If no flaws are found in this lower level system (see the graphs), then this is what is important and I'll start describing applications other than the U.S.P.S.The point of the system is that you don't have to trust them. It comes down to game theory. If the incentives are aligned perfectly, there is only one rational decision each participant in the chain can make. Thus, it requires no trust in them, but rather trust in the logic of the system.In other words, the underlying algorithm I'm proposing (Death Note Incentive System) is a way for you to program people's incentives. That's a highly counterintuitive concept.Whoever mapped out the route would be aware of each nodes address. The sender or recipient can create a route, or they both can. In fact, it may be more secure if both the recipient and sender created a one-hop version of this system. In this case, the sender would send to a peer he/she randomly selected, who would send to a peer that the recipient randomly selected, who would send to the recipient.This system implies that there would be no reputation systems.You can span the nodes across various jurisdictions and use various shipping companies to reduce the feasibility of this attack.As for RFID and GPS loggers - I imagine the packages essentially being an enclosed package within a package. So each time it would hit a node, the node would open it and repackage it without actually seeing the real contents (there's no incentive to as it would just put you at risk). At this time, they could wrap it in copper mesh if they were paranoid about tracking. That would limit GPS tracking to at most one hop.I imagine the sender would still want to send from a random location. In the market places I've examined that exist today, this is how it is often executed. The recipients are more at risk than the senders.This is not a 2/2 multi sig. As far as I am aware, DNIS is a new way to use smart contracts. It's a linked chain of smart contracts, where the execution of the previous contract is confirmed by the next executor in the chain who is then able to release the previous contract's bonds. Please look over the graphs. If I'm right, this is what is most important in what I've proposed because the applications are farther reaching than anonymizing the U.S.P.S.Presumably, the receiver would have already purchased the package from the sender. So the bonds are effectively equal.In fact, only one signature is ever required to release a bond. However, it's neither party involved in the contract. It's the next participant in the chain of contracts. The exception is the last contract, in which the sender is able to release at any time. However, the incentives are aligned so that his/her only rational decision would be to release the bond only at the time the entire chain has completed (otherwise, he/she would have the most to lose and nothing to gain).I'm not 100% sure that Bitcoin smart contracts can support the system I outlined today. However, my understanding of cryptography and software engineering tells me it is possible to create, relatively easily. That much I am 100% sure of.The node's guarantees are economics and rational decision making. The node does not put up a bond unless the sender simultaneously puts up a bond + a commission. Thus, there is no incentive for the sender to send a brick without incurring greater loss than the node. Neither the sender nor node would be able to release the bond unless the contract was successfully executed.Both the sender and recipient could create these routes. And in fact, it may make most sense for both to create small routes that unknowingly link to one another and span jurisdictions.I can't tell you a name other than the Death Note Incentive System (what I'm calling it), because I've never heard of this algorithm prior to thinking of it. It is outlined in the graphs.Yes, whoever creates the route assumes the most risk (this could be sender, recipient or both). However, in w/e marketplace they are transacting from, both would have ratings. Furthermore, on any one-to-one contract basis (which is all you'd ever see, as any party in the system other than the creator of the route), the risk is always equal.I'm not trying to prevent one attack. I'm trying to preserve privacy, as well as prevent collusion and eliminate trust by enforcing the curation of people's incentives with economics and the security of the Bitcoin protocol. It's a matter of aligning the incentives of each individual perfectly, so that there is one possible rational decision to be made in a chain of synchronously executing smart contracts whereby no trust, rating system, or custodial third parties / oracles are required, and whereby the accumulation of the execution of smart contracts as a whole equate to the best possible outcome for the system as a whole.If you are open to it, I would ask you to examine the lower level algorithm I am describing, Death Note Incentive System. It's how I'm using the smart contracts that I think could be important. The higher level application is irrelevant by comparison. I described the USPS app because: (a) describing DNIS by itself is not easy for me (b) i assumed it would be easier for people to understand through example, because most people tend to discover by analogy rather than by first principlesMy suspicion is that the database is relatively easy to mitigate, but I need to think about it some more.Drone delivery I've given some thought as well. It occurred to me that one could create a perpetually flying drones via cell phones (gyroscope, accelerometer, GPS, and 4G over TOR) and sell them in decentralized, anonymous marketplaces. I think whoever tries this will make a substantial sum in proceeds. I could see it beating amazon to using drone delivery, as FCC regulation would not be a concern for people in these markets.I don't like that reputation systems respond retroactively to error. I suspect the best approach will be simple, based on fundamental structure and not likely analogous to other systems such as Uber and AirBnb.--A hint at other suspected applications:I think DNIS can be programmed with multisig contracts for something I call "peopole redundancy" to mitigate risk in overall execution of the chain. For example, if you wanted to confirm someone's death without centralized smart contract oracles before executing a part of a DNIS system, you could enlist several incentivized peers with such instructions where N of M peers are required to confirm the death and N is less than M.