Re: [Taler] Anonymous Selling

[Jeff Burdges]

I'll be slightly more precise :

On Thu, 2015-11-26 at 12:04 +0000, hellekin wrote:
> From what I understand, one of Taler's features is that the seller's
> transactions are always auditable.  Does this mean the seller cannot 
> be anonymous at all?

A customer and mint can together deanonymize the seller.  Any blind
singing based system that reduces fraud risks by avoiding offline
transactions has this feature.

There are presumably religious prude fake customers who'd love to
deanonymize all the sex toy sellers, so your John Doe depends upon the
mint being unwilling to collaborate with them.  

I could imagine this being problematic if he offers his shop in Arabic
and sells to customers in an oil rich Wahhabi nation that bought his
nation's president.

I could imagine this being problematic if he sells merchandise that's
legal during sale but comes from practices that might be illegal in his
country, like psychedelic mushroom spores.

Now extremely savvy merchants can place their bank accounts in
countries with stronger legal protections.


There is an approach to removing this threat that's relevant for cloud
storage that does not eliminate offline transactions entirely.  

We offer two colors of coins : Customer colored coins can be withdrawn,
spent, and refreshed as normal.  Merchant colored coins can only be
obtained by exchanging customer colored coins for them.  Merchant
colored coins cannot be refreshed, only deposited.  

In this system, merchants cannot be deanonymized by a customer and mint
collaborating against them, but..
- Merchants can anonymously sell contraband goods without risking
deanonymization.
- Merchants can pass their coins on to another merchant, thus avoiding
one round of taxation. 

These create political risks, especially when other Taler mints have
deployed a system that prevents them.  It's maybe okay to do this if
you can make a case that these anonymized merchant transactions are
being used for internal accounting procedures, although you'd want to
both speak with a lawyer who understand this stuff, and be sensitive to
the political climate.


I had a particular scenario in mind :  The mint is running an
accounting system to facilitate collaborative cloud storage in a system
like Tahoe-LAFS.  Users are both merchants when they provide storage
space and customers when they consume storage space.  Your coins are
denominated in megabyte-months and are automatically spent as needed,
first on files you posses the write-caps for and second on files you
only posses the read-caps for.  Users may share their files' read-caps
with friends so that they deduplicate and collaboratively pay.  

Joe shares his movie collection with Alice who shares it with Bob who
shares it with the world.  Joe is happy because thousands of people are
helping to pay to store his movie collection.  Ain't clear that he
should be so happy though, as the MPAA can now learn his read-caps and
argue it's no longer a personal collection.  Now the MPAA puts coins on
Joe's movies, subpoenas the mint for the actual hosting providers, and
issues DMCA takedowns against them.  Joe loses his movie collection,
becomes sad, and because everyone depended upon Joe and this mint some
movies are lost to history.

In this scenario, there is not necessarily any need for megabyte-month
coins to be officially convertible to money, at which point the scheme
becomes basically a video game currency, presumably immune to taxation
under normal use, and can use the two color coins system.  In fact, the
mint can even offer hosting themselves and sell coins to pay for the
system, again like a video game company.  It becomes more problematic
if the mint lets you redeem coins for real money, but maybe they can
vet merchants or something. 

Jeff

signature.asc
Description: This is a digitally signed message part