Author Topic: [Business Proposal] 2-factor escrow agent for BTS  (Read 861 times)

0 Members and 1 Guest are viewing this topic.

Offline luckybit

  • Hero Member
  • *****
  • Posts: 2921
    • View Profile
  • BitShares: Luckybit
X-Post:
https://bitsharestalk.org/index.php?topic=12186.msg160885#msg160885

Quote

you can do escrow/multisig as greenaddress.it and the other btc service i forgot the name to is doing. It would work that way:

1) all your funds require at least 2 out of 3 or 4 signatures
2) your have 1 installed on your computer and 2 in cold storage
3) the other key is installed at a service provider
4) you want to make a transaction and sign the tx ..
5) you mail your service provider with the built-in mailing app
6) your service provider sends a SMS or does some other kind of 2 faktor authentication
7) if the authentication is successfull the service provider also signs the tx and the tx gets valid

that way you can even include 2Fak via Google Authenticator or similar. Like a
extra for when you do your transaction that holds the 2fak code ..

We should think about a extra PublicData field such that the user can define a 2fak service provider and let the wallet send the mail automatically ..
Making a transaction that way would look like this:

1) Users adds these values to the tx:
  - recipient
  - amount + asset
  - memo
  - 2fak
2) your account name requires a "2fak" field that points to your service provider
3) the wallet creates the tx and sends a BTSmail to service provider including all data from 1)
4) service provider takes the tx .. verifies your authentication via 2fakcode in the tx (or any other 2fak,, such as SMS)
5) if auth is ok .. service provider signs your tx and the tx can withdraw funds from a 2-of-4 secured address ..

optionally:
6) service proivider sends a receipt and a bill for the usage to the user
7) if user does not pay the bill the service provider just kills the private key and stops further business with the client (may be played by socket puppet .. will get more difficult with reputation on the blockchain)

wouldn't that make sense?
Who feels up to that task?

I think we need multi-sig escrow.
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc
X-Post:
https://bitsharestalk.org/index.php?topic=12186.msg160885#msg160885

Quote

you can do escrow/multisig as greenaddress.it and the other btc service i forgot the name to is doing. It would work that way:

1) all your funds require at least 2 out of 3 or 4 signatures
2) your have 1 installed on your computer and 2 in cold storage
3) the other key is installed at a service provider
4) you want to make a transaction and sign the tx ..
5) you mail your service provider with the built-in mailing app
6) your service provider sends a SMS or does some other kind of 2 faktor authentication
7) if the authentication is successfull the service provider also signs the tx and the tx gets valid

that way you can even include 2Fak via Google Authenticator or similar. Like a
extra for when you do your transaction that holds the 2fak code ..

We should think about a extra PublicData field such that the user can define a 2fak service provider and let the wallet send the mail automatically ..
Making a transaction that way would look like this:

1) Users adds these values to the tx:
  - recipient
  - amount + asset
  - memo
  - 2fak
2) your account name requires a "2fak" field that points to your service provider
3) the wallet creates the tx and sends a BTSmail to service provider including all data from 1)
4) service provider takes the tx .. verifies your authentication via 2fakcode in the tx (or any other 2fak,, such as SMS)
5) if auth is ok .. service provider signs your tx and the tx can withdraw funds from a 2-of-4 secured address ..

optionally:
6) service proivider sends a receipt and a bill for the usage to the user
7) if user does not pay the bill the service provider just kills the private key and stops further business with the client (may be played by socket puppet .. will get more difficult with reputation on the blockchain)

wouldn't that make sense?
Who feels up to that task?
« Last Edit: December 12, 2014, 02:32:10 am by xeroc »