This is an archived post. You won't be able to vote or comment.

all 14 comments

[–]galaxyandspace 1 point2 points  (6 children)

So when I put my money in this "escrow", it is no longer mine? The market and the vendor only control the transaction from that point forth? Nope. This sounds like a scam.

[–]deepdot[S] 1 point2 points  (3 children)

Hopefully The admin will be here soon to answer everything, i asked him to follow this thread.

[–]IGetDankShit 1 point2 points  (2 children)

I'd be curious to know how his multisig differs from Cannabis Road's three multisig implementations and/or if his is similar to one of theirs.

[–]deepdot[S] 1 point2 points  (0 children)

I was asking the same actually, got some explanation (tl;dr - using newer and easier command of bitcoin core client)

but i would be more interested about hearing the explanation about what /u/galaxyandspace was asking (about the resolution part), if its like that it kinda misses the whole point of multisig in terms of protecting
Buyer <----> Vendor <----> Market But i hope i miss understood.

[–]1776tom 0 points1 point  (0 children)

The purpose of the multisig on 1776 is to secure the escrow from theft in the most automated and efficient way possible. The other escrow markets depend much more on manual processes to the point of not being worth the hassle for high-volume sellers. 1776 is designed to allow the vendor to do the bare minimum of setup and ongoing work and still have the assurance nobody is running off with both your money (as in the escrow it is both yours and his). A vendor could easily do 100 escrowed transactions a day with the users not needing to be any more sophisticated than they are on other sites, and actually less because they don't have to go through the hassles of escrow account deposits but get a unique deposit address for every order they place. It is designed to be a hyper-efficient and scalable engine for theft- and fraud-proof commerce.

[–]1776tom 0 points1 point  (1 child)

When you make a purchase, you do so based on the apparent reputation of the vendor. Is your money safer in an escrow that both the vendor and the market must sign off on, or is it safer in a giant pile begging for someone to turn off the lights and leave with it, begging a hacker to get at them?

I'll add escrow that buyers can opt into soon. If you need that to be comfortable you can hold off. I can't see how an established reputable vendor is going to collude with me to steal your bitcoins... he could have done that anyway in any regular escrow system and that's never happened.

[–]galaxyandspace 0 points1 point  (0 children)

I am no programmer, but it's a markets job to protect both the vendor and buyer as equally as possible. 2 user MultiSig fails to truly protect the buyer and just protect the money. Period.

[–]1776tom -4 points-3 points  (1 child)

They didn't disable JavaScript in Tor Browser Bundle for a reason. It is useful and it is not a security risk.

What stops any site from doing the same thing today re: shutting the vendors out and stealing the bitcoins? There is no vulnerability here that isn't there with any other site.

There's two signatures, both are needed: vendor and site. The purpose of the escrow on 1776 is to provide a workable, scalable, very easy-to-use and almost completely automated way to avoid the theft of bitcoins from the escrow. It does that.

I expect my fellow vendors to understand why that is the crucial and central issue facing Darknet markets. When vendors know they're not going to lose their coins, they can lower prices, buy in larger amounts, and do far more business overall. But that assurance has to come from a system that isn't so labor-intensive and cumbersome that they don't have time to use it. With this system a vendor can do fifty or a hundred orders a day and it will only take them maybe ten minutes to do all the signatures and sending of transactions that are necessary.

The buyer is in a hybrid situation. His money is far more secure than it is on a traditional server escrow site, but he doesn't have the options that the vendor does. He can, as always, withhold finalization. His position is greatly improved over the regular escrow system. For almost everybody out there buying right now, it's a significant improvement. Multisig sites aren't a big chunk of what's going on because they're not very usable. 1776 is.

[–]IGetDankShit 2 points3 points  (0 children)

They didn't disable JavaScript in Tor Browser Bundle for a reason. It is useful and it is not a security risk.

I stopped reading after this.

[–]1776tom 0 points1 point  (1 child)

Want to leave a note to prospective vendors and users before signing off.

I was told to anticipate the criticism of JS etc. I knew the Darknet culture and if I had been building a traditional site, I would have bit the bullet and made it all granola-compliant because I would get hounded out of town.

Tor Marketplace didn't have JavaScript. Where's your money? Sheep Marketplace didn't either. Where's your money?

The site is secure. But the security of the funds in escrow is not dependent on the security of the site or the integrity of anyone administering it. It is dependent on the reliability of Bitcoin itself. By transferring all funds out of the system after a single confirmation and into an escrow wallet jointly controlled by the vendor and the site, so long as the vendor keeps his key safe, and with all mailing addresses in the system automatically encrypted, there's just nothing to hack. That is by design. The system is designed to eliminate the need for faith in the security of the site or in the integrity of the operator, and it does that. The rest is immaterial.

I'll leave it there. Vendors and buyers can analyze that value proposition for themselves and make their own decision. This is nothing but an appeal to objective reason.

[–]deepdot[S] 0 points1 point  (0 children)

As i told you before, and since i like you and want to see you succeed, just:

  1. Get rid of the JS, completely. no point even discussing this.

  2. Add the buyer as a side to the 3-way escrow wallet (otherwise whats the point of the multisig for the buyer? he should be able to sign with the market or with the vendor and the market should be able to sign with the buyer in case the vendor is causing issues or disappearing)

And that's it, you should have a fine system if you just fix these two issues.

reddit gold

In Summation

Want to say thanks to %(recipient)s for this comment? Give them a month of reddit gold.

By purchasing Reddit Gold, you agree to the Reddit User Agreement.

  • make my gift anonymous
  • include a message

Please select a payment method.

Give gold often? Consider buying creddits to use, they're 40% cheaper if purchased in a set of 12.

Would you like to learn more about giving gold?