
Silk Road 2.0: A concept of a distributed anonymous marketplace - goshakkk
https://github.com/goshakkk/silk-road-2.0-concept
======
gkoberger
Don't forget SR1 was shut down due to a forum post that was linked to an
anonymous PHP question on Stack Overflow. [1]

There's nothing illegal in this repo, sure -- but definitely don't even think
of implementing it yourself. Or even use it.

[1] [http://arstechnica.com/tech-policy/2013/10/how-the-feds-
took...](http://arstechnica.com/tech-policy/2013/10/how-the-feds-took-down-
the-dread-pirate-roberts/)

~~~
ballard
This has problems and isn't going anywhere for long:

\- it makes GitHub a target

\- it makes contributors into targets

First, Git (although DVCS) needs to be located in a non-extradition country
where a SEAL team cannot just break in and steal dev servers. This sounds like
it would require tor also.

Second, all contributors need perfect anonymity hygiene. Anyone that commits
publicly is a liability. Use a new pseudonym just for this project, keep
issues and discussion to information and technical matters strictly.

~~~
pogue
This is absurd. We have to stop trying to run from our own government, we've
run out of places to go. I've been hearing arguments for years that we need to
place anything that's even a theory of committing an illegal act on some
micronation of Sealand or, like PirateBay, float drones in the sky.

It's going to get to the point where theres no where we're going to end up
hosting Reddit, et al., on the Moon.

~~~
JackFr
If you're intent is to create a facility, _whose express purpose is to break
the law_ , albeit laws you may not agree with, I think you're going to be on
the run for a long time.

~~~
pogue
Obviously that's correct. But, my point being is that the law is wrong and we
should attempt to challenge government instead of simply trying to evade it
over and over.

~~~
randallsquared
If you have a plan that seems workable, there are hundreds of thousands of
people willing to join you. If you don't, then jurisdictional arbitrage will
continue to be the order of the day.

~~~
pogue
I've been thinking a lot about this lately and I can't come up with a clear
and fully appropriate medium to actually challenge government overreach in a
significant way.

It seems to me, viewing history as an example, it used to be possible to
legitimately petition the government by means of demonstrations, protests,
contacting legislators, etc. Now that's been completely replaced with
lawsuits. Only by one party with significant means and resourcing sueing the
other and waiting a long time to reach the Supreme Court do things get
accomplished.

As this has to do with the drug war, however, I think things are slowly
changing. If the Prohibition of alcohol can be any guide it will take a large
enough public outcry along with voting people into office that share your
point of view. All that takes time, money, and at least some way to sway the
public (generally meaning control in some kind of large media company that the
public believes/trusts).

The only way to get started is for people to get together and say they want to
do it and start doing it. Apathy and complaining about it goes nowhere.

[https://twitter.com/pogue25](https://twitter.com/pogue25) if anyone wants to
get started :)

~~~
JackFr
Don't confuse disagreement with apathy. Remember that post-Snowden Congress
had the ability to put a stop to the NSA program and didn't, and the public
outcry (outside of HN) was fairly muted. So it seems that you've got to win
some hearts and minds first.

And winning the hearts and minds is not going to be easy. Consider the Tea
Party (and importantly consider your own feelings toward the Tea Party) A
bona-fide grass roots movement that the establishment has marginalized,
ridiculed and baselessly accused of violence and racism and now stands charged
with holding the nation hostage, by exercising legal and constitutional
rights. I suspect you're movement would not fair any better.

~~~
pogue
>Remember that post-Snowden Congress had the ability to put a stop to the NSA
program and didn't, and the public outcry (outside of HN) was fairly muted.

I don't see the public outcry as muted at all, but I suppose it depends on
where you look. Remember, we're in a transition of traditional/oldschool media
to new media.

I also don't expect the body politic to simply throw out their beloved spy
apparatus after some public outcry. This isn't just a decision of Congress,
but of a state funded military industrial complex that exists out of bounds of
any kind of oversight with their own secret budgets -- something almost
unheard of any prior state and without historical precedent. Trying to tear
down the walls of that is going to be an extremely complicated and time
consuming process, and I think its going to be a piecemeal affair.

> I suspect you're movement would not fair any better.

Obviously its very hard to establish a movement in the 21st century that can
effectively alter the status quo. I look at Occupy as a better example -- and
without getting into arguments regards one vs the other the Tea Party has
continued where Occupy faltered and disintegrated. You may not be able to
control what people say about you and its hard to keep a movement from
splintering, but if you go by the basic tenants of creating a popular mass
movement with leadership, specific political objectives, and enough funds, I
think it's very possible to get things accomplished.

------
dmix
Is this similar to Cryptosphere [1]?

Federated networks/decentralized hosting seems to be the future for anonymous
storage and communication. I'm curious to see what will be the first real
world implementation.

The black market drug industry always seems to create pioneers of new forms of
subversive technology (see narco-subs).

[1]
[https://github.com/cryptosphere/cryptosphere](https://github.com/cryptosphere/cryptosphere)

~~~
bascule
Cryptosphere author here. Thanks for the mention! The brochure site probably
provides a better overview than the github project page:

[http://cryptosphere.org](http://cryptosphere.org)

I should also give a shout out to Tahoe-LAFS, which the Cryptosphere is
inspired by. They've also discussed supporting distributed webapps and adding
a JavaScript API:

[https://tahoe-lafs.org](https://tahoe-lafs.org)

> I'm curious to see what will be the first real world implementation

Cryptosphere, Tahoe-LAFS, and similar systems have all sorts of potential use
cases. I'd love to see distributed Facebooks, distributed Wikipedias, and even
a distributed DNS registry.

One of the reasons I'm using Git as the "object manager" in Cryptosphere is to
better facilitate things like forking, so if there's a distributed web site
you like, and you don't like the way it's being managed, you could fork your
own copy and try to get people to use that instead (licenses permitting, of
course!)

~~~
Ixiaus
[http://gnunet.org](http://gnunet.org) deserves a shout-out too I believe.

~~~
bascule
See also: Freenet, MNet:

[https://github.com/cryptosphere/cryptosphere/wiki/FAQ#q-what...](https://github.com/cryptosphere/cryptosphere/wiki/FAQ#q-what-
makes-the-cryptosphere-different-from-insert-p2p-system-x-here)

------
ChuckFrank
Silk Road be damned! A distributed anonymous marketplace has many real and
tangible benefits. By having a robust community escrow mechanism, and by
having people deal directly with each other with reputational support, a
marketplace like this could unleash a new age of internet commerce. Add to
this several arbitrage mechanism to determine valuation, and I believe we can
build a marketplace solutions light years from what we have now. ___As I 've
been working on a marketplace platform plan for products and services of
uncertain value, if there are other people who are interested in partnering on
the build of such a platform. Please contact me as marketplace efficiency is
my passion and I believe that there's an amazing solution out there waiting to
solve this problem._ __

~~~
d23
Can you provide a contact method?

~~~
TrainedMonkey
Exactly what I was thinking. Craigslist on steroids is an interesting
proposition.

~~~
ChuckFrank
Yes. Optimized for both local and international buying and selling with the
purpose of eliminating arbitrage in objects of uncertain value. Added to that,
bitcoin, distributed, and built in community escrow -- the first truly
'internet' market.

------
pfraze
This strikes me as extremely inappropriate. Don't publicly advertise tools for
subverting the state.

> there are the bad guys with guns ("the state") that can interrupt the
> operation any moment and try to seize the money

This is just childish. There are much worse guys with guns that lack legal and
political processes. They generally don't bother us because the state protects
citizens.

Handle grievances with regulations or criminal code by organizing popular
support for policy changes, not by building systems to break the law.
Otherwise, expect to be treated as a criminal.

~~~
goshakkk
Well, what else is the state if not a group of criminals who, through use of
violence, coerce people into accepting their authority and following their
rules (which in most cases don't protect the interest of the people, only the
interest of the state)? It's a pretty libertarian/voluntarist view. There is
nothing childish about it.

I listed the state as an example because the state is seemingly the only
entity which tries to outlaw voluntary peaceful exchanges. There is a term for
practice of peaceful human action that for some weird reason is disallowed by
the state [1]

[1]: [http://en.wikipedia.org/wiki/Counter-
economics](http://en.wikipedia.org/wiki/Counter-economics)

~~~
pfraze
You're right that the state holds a monopoly on violence. You're wrong that
the interests of the state are significantly misaligned from the interests of
the people, or that black markets are wholly benign in nature. Failing to
recognize how much you benefit from your government is, yes, I'm sorry to say
it, childish - as is publicly condoning breaking the law in reaction. It's an
overly-extreme position.

I do think that automated systems that don't require bureaucratic governance
are a good idea, so I'm particularly annoyed by projects like this because it
can create a negative public image. You can apply the concepts much more
proactively.

~~~
stealsomesteel
>as is publicly condoning breaking the law in reaction

This is bullshit. You definitely didn't live under corrupt south america
regimes. Or in Soviet Union. Or in Belarus (author's location AFAICS).

If the law is very bad (e.g. death penalty for homosexuality), then it's not
people who are wrong when they're breaking it.

~~~
goshakkk
In there, they don't allow you to practice peaceful protest to the current
regime by simply walking into the streets and _clapping_. No signs, no
speeches, no anything. Just a crowd clapping is outlawed. Among other things,
they fined a one-handed (!) man for clapping (!).

Do you think it is proper to still practice obedience to the rulers in this
case?

What is different in the case of anonymous voluntary exchange? Sure, they can
outlaw clapping. Or breathing. Or being over 1m tall. Or anything. But just
the fact that these people might tell you "breathing is bad" or "being 1m+ is
terrible" does not make it actually this way.

------
VMG
Tip: hide the concept behind some clever academic sounding buzzwords, do not
mention SR or black markets at all.

------
aianus
Given that PGP keys were extensively used by vendors on Silk Road, wouldn't it
be possible to use Silk Road profile and transaction data (I'm sure there
exist some site dumps out there) to bootstrap a web of trust?

Then a distributed hash table or similar structure can be used to publish
product listings, signed transaction data, and feedback to keep everyone
updated on who's to be trusted or not. There would be no explicit escrow but
lots of people trusted the feedback history and "Finalized Early" on Silk Road
without getting scammed.

------
tlarkworthy
One of the features of SR was that the money was laundered on entrance and
exit to silk road. So you could not tell whose money went to who (despite the
bitcoin ledger being public). This proposal is missing that critical feature.

~~~
pogue
How was that done?*

*Hypothetically asking

~~~
saraid216
Upthread there's a link to an Ars Technica article [1], which has this line:

> He even ran a program called a "tumbler" to route incoming Bitcoin payments
> through a complicated series of dummy transactions, so as to make them
> infeasible to trace through the public Bitcoin blockchain.

[1] [http://arstechnica.com/tech-policy/2013/10/how-the-feds-
took...](http://arstechnica.com/tech-policy/2013/10/how-the-feds-took-down-
the-dread-pirate-roberts/)

~~~
tlarkworthy
yes this is the tech

------
FBT
Distributed services are the future, it seems. I predict (rather boldly, so I
may be wrong) that the next wave in computer technology will be the move from
centralized servers to a distributed framework. I foresee the next
Microsoft/Google/Facebook being a company that brings this idea to reality.
(Not specifically the Silk Road bit, but the general paradigm of distributed
services.)

~~~
pogue
That may be a very accurate prediction. With the rest of the world afraid of
using the US's cloud services for fear of NSA monitoring, something is going
to crop up to take its place. First it will be some kind of personal usage,
like p2p for trading pirated MP3s and eventually someone will start using it
for a business, editing spreadsheets and the like.

Decentralized and crypto Office being used by Joe Q Public!

------
pdenya
In SR1 wasn't an additional feature of having the money go through a
centralized party that neither party had access to the others BC wallet id?
Would doing it this way negatively impact anonymity?

~~~
kcorbitt
Maybe bitcoins could be moved around in an onion-routing scheme similar to
Tor. You might be able to see that a particular wallet ended up with the money
but it wouldn't necessarily be possible to see where they came from
originally.

~~~
bascule
See Matt Green's Zerocoin concept:

[http://zerocoin.org/](http://zerocoin.org/)

------
mburns
That was a long-winded, meandering way to say

1\. Transaction scripts in place of 100% human arbitrage. Reasonable feature.

2\. hand-wavy name coin reputation thingy. This idea makes no sense.

3\. Being federated would be 'neat', despite the example project being
abandoned and largely non-functional. Or you could just use Freenet instead of
Tor?

~~~
GigabyteCoin
> 2\. hand-wavy name coin reputation thingy. This idea makes no sense.

Using namecoin to keep track of identities makes perfect sense. That's
precisely what it was created to do. See [http://dot-
bit.org/Use_cases](http://dot-bit.org/Use_cases)

Obviously the reputations would need to be stored somewhere, but using
Namecoin to say "this arbitrator is definitely the arbitrator you are trying
to use for arbitration" would work perfectly well.

~~~
mburns
Bitcoin can already do third-party arbitration and Bitcoin addresses (and/or
GPG) can already track identity.

How does Namecoin help?

~~~
GigabyteCoin
Namecoin can keep track of the initial date that the particular identity was
registered. It can allow for the owner of the identity to quickly update
information for everyone to see in the blockchain. It helps a great deal when
it comes to keeping track of identities. You can store up to 1kb of data
inside a namecoin registration.

The above cannot be said of Bitcoin addresses or GPG.

------
pogue
I see the problem with Silk Road not essentially being with the currency or
the network mode itself, those both seem effective and appear to have been
functioning properly at the time of its shut down (in so far as we know). I
think the main issue is the trying to get physical items from point A to point
B without getting intercepted/apprehended. It's all well and good to move
digital items without getting noticed, but once you start shipping things you
have to used pre-existing structures (ie: USPS, Fedex, et al.) which, if not
run by the government, has no issue with giving any and all information to
them. How to solve this is more complicated than the other parts, IMO.

Secondly, the arbitration through a third party I could see as being
corruptible, if that third party is known and has no legal
ramification/justification for just acting on their own good recognizance.
It's like there needs to be a black market escrow that can't be bribed and
won't steal the money.

Also, I'd just like to add that there are other potentials for connectivity
outside of Tor & I2P. Older networks such as Freenet allow this kind of node
hosting without having to "invent the wheel" and use some kind of new way to
host a forum -- it probably just needs some oil added to the wheels.
[https://en.wikipedia.org/wiki/Freenet](https://en.wikipedia.org/wiki/Freenet)

------
smoyer
Funds were also transferred through SR's wallet so they could take their cut.

~~~
goshakkk
A similar can be implemented with this, too.

Basically, when you want to buy something, instead of sending bitcoin
manually, the marketplace generates a payment request for you, with two
outputs — merchant (the good price) & marketplace (the fee) + some unique ID
in the comment field so that the service can link your payment to the order.
It can be a QR code or bitcoin:// link or something.

~~~
smoyer
I didn't say you couldn't do it but please describe how this part of the
marketplace is distributed.

~~~
conductr
Would a distributed marketplace even charge a fee? I would assume all users
would be happily compensated by the existence of the marketplace. The lack of
fees also increase margins/decreases price

~~~
pogue
Somebody has to pay to host the thing, run it and so forth.

~~~
Jonovono
_Distributed system._

~~~
pogue
Quite right. Still, I think this whole libertarian concept is probably based
on the idea of _someone_ making some money somewhere along the lines. :)

I assume the mediators would need to be paid, at the bare minimum, probably
moderators to filter out junk and spam and whatever other unforeseen
circumstances pop up.

------
nazgulnarsil
Horribly underspecified. Reputation based third party arbitration is not even
close to a solved problem. The bitcoin block chain _does_ provide a new
potential tool in making reputation systems more reliable (a distributed
repository of public/private key pairs enables you to reliably tie reputation
to a persistent transaction history), but there are lots of free parameters in
such a scheme that need to be done right.

Additionally, with the node idea, the issue is that most people, including
drug dealers, don't want to be mirroring lots of illegal content on their
boxes. The set of people who can follow simple rules related to posting on
forums and mailing items is much much larger than the set of people who can
roll a secure node in a network.

~~~
goshakkk
The nodes will not "mirror" content of other nodes, no. The nodes will be just
storing their own data + provide a UI for browsing content of that node as
well as the content of other nodes. So technically you're not hosting anything
illegal even if some other node does.

~~~
Karunamon
Freenet gets around this by having the local data store encrypted and
invisible to the local user. You may or may not be hosting illegal/terrible
things, but you (and more importantly, the bad guys with guns) don't know
either.

------
devx
Couldn't this work on RetroShare's "forums", too?

[http://retroshareteam.wordpress.com/2013/01/19/retroshare-
fo...](http://retroshareteam.wordpress.com/2013/01/19/retroshare-forums/)

~~~
FBT
Yep. I fully expect forums like that to become a dominant mode of
communication in the near and medium-term future. All it really needs is for
someone to make for it a slick and easy to use interface. If I was in a
position at the moment to found a startup, this would absolutely be the field
I would found it in.

~~~
atmosx
I don't see any feasible financial model, how will you induce cash flows since
you'll need _nodes_ to run the _service_ and these nodes will also be clients?
- If I understand correctly that is.

~~~
FBT
That is a good question. I will first repeat the advice often given to startup
founders: Get it working first, find a was to monetize it second.

Beyond that, I have had a few thoughts. Yes, I actually agree that this would
be a harder endeavour to monetize than most startups, but if it really came to
it, you could make a profit. I did not really go deep into these
considerations, as (like I said) I don't actually have the resources at the
moment to make it a reality, but my main idea was to integrate it somehow with
the bitchain. AFter that, there are several ways you can profit. Say, have
each post cost a fraction of a bitcoin to propagate it along. It would
encourage others to catch the posts and pass them around in the same way
bitcoin miners getting bitcoins for mining encourages bitcoin mining. And then
I could charge a commision on that.

That is one example, of course I would have to way up all the pros and cons of
each approach, and of course there is the drawback of any monetization system
necessarily introducing _some_ point of centralization, even in a otherwise
entirely decentralised system.

------
kilroy123
There were alternatives to SR before the bust, so I imagine one will take its
place, and become the biggest.

Just like with all large drug enterprises, one falls, another comes in and
takes its place.

No doubt the other site owners will learn from all this and adapt.

------
hosh
I want to see this implemented for buying/selling designs for 3D printable
things, and other supplies for Makers. I'm talking really basic things like
the OSE's tractor designs.

Also: is there any way to use these scripts as a form of DRM? The biggest
weakness to current DRM schemes is that the validity of a license depends on a
trusted party -- the seller, or something like Steam. While such a scheme
won't keep people from outright pirating digital goods, I think I would rather
trust a p2p DRM scheme than depending on say, Amazon or Barnes & Noble to stay
in business.

~~~
vog
_> is there any way to use these scripts as a form of DRM?_

If you aim for consumer friendliness, you shouldn't do DRM in the first place.

 _> I would rather trust a p2p DRM scheme than depending on say, Amazon or
Barnes & Noble to stay in business_

Since DRM is by definition "defective on purpose" (or "defective by design",
as some NGOs say), there is no reason to trust any DRM scheme - p2p or
centralized.

~~~
hosh
There are good use-cases for DRM, for example:
[http://pastebin.com/VSjCpYxt](http://pastebin.com/VSjCpYxt)

~~~
vog
Thanks for sharing, this was an interesting read. However, I failed to
understand in how far this establishes a good use-case for DRM.

This story is about a US citizen who started a company in the EU (he chose
UK), which was easy, but failed to open a local bank account there, no matter
how hard he tried. He finally solved this problem via Bitcoin.

He wanted to operate in the EU because his new business concept was based on
the very strict consumer protection law in Germany (in particular, the
UsedSoft v Oracle ruling).

So from this story I learned:

1) that Bitcoin is very handy, and

2) that strict consumer protection laws are not only good for customers, but
can also be good for business.

But I don't see how this story makes a good case for DRM. I merely see how DRM
could be used to prevent his business model and to circumvent the German
consumer protection laws (at least partly). Is it this what you meant?

~~~
hosh
Ahh, you missed the essential point. :-) The point is that that you can use
the p2p ledger to publicly track rights, like a notary public without the
notary. Normally, this is centralized in a few hands, vested in a trusted
source (the government, or a third party). Property rights, titles, deeds, all
are recorded by various government offices like the county clerks.

What makes the DRM issue really about power (and NOT about "freedom" or
"consumer friendliness") is that current DRM schemes puts all the power into
seller. The most vocal dissent against DRM, however, when examined, really
about retaining the power that comes with cheap computing.

This is no way for society to function. We're not the Wild Wild West and I
certainly do not want a tyrannical social order either. The solution is a
decentralization of power. Being able to use an untrusted mediator is a big
deal, of which a DRM method is one small application of this.

In this guy's case, he is selling used software in the EU. By being able to
tie the DRM to the bitcoin transactions, it better allows for used software to
be passed from one person to another in a fair and equitable way. It can be
done in a way where the software owners have little to complain, that if
you're going to resell the software and treat it like a tangible good, then at
least that gets tracked.

Now, I've heard arguments that, software and other digital "goods" are not
inherently tangible, and should have no scarcity restrictions on it. That
_any_ form of DRM is therefore arbitrary. However, that fails to consider two
points. First, is that authorship and creative endeavor is itself not as
easily replicable as the digital good. When you pay for a digital right,
you're actually paying for the effort put into the creative endeavor --
although in practice, the owner and controller of a right often is not the
creator. The second, is that all types of property are inherently arbitrary.
There is nothing sacred about property, though a lot of people have deep,
unexamined, emotional attachments to property.

I actually find it hilarious that people get angry about how arbitrary digital
rights are ... and yet fail to consider that all property rights are
inherently arbitrary. Who owns the water, the land? Who owns the air? Who owns
the animals and other living beings on earth? We humans like to think we are
the owns, but we not really. We draw arbitrary lines around land and other
resources and trade pieces of paper designating ownership. Why not get angry
about that?

------
ebbv
What's up with using github for what amounts to a text post? It makes the link
misleading (implying that you actually have some code), and it's not a great
use of github anyway.

------
gobengo
This is an admittedly ignorant question.

Would telehash be a useful application protocol to implement this on?
[http://telehash.org/](http://telehash.org/)

It's built on a distributed hash table (DHT) routing mechanism that is
inherently decentralized.

~~~
pogue
Sounds interesting, but I'd have to see it work in a live practice. There's a
lot of neat and interesting protocols out there that look good on paper, but
in a real world setting completely fail. That's why we've seen a
disintegration of services that run outside of port 80 (www).

------
stretchwithme
Maybe the first step is creating a github-like platform without an attackable
central authority.

------
0xdeadbeefbabe
A title like Silk Road 2.0 makes me think you want attention more than you
want a distributed anonymous marketplace. Why not focus on having a
distributed marketplace that also happens to be anonymous instead of focusing
on the anonymous aspect so much?

------
frank_boyd
RetroShare accepts plugins, so could that be an option?

It's open-source, decentralized, public key encrypted communication and very
easy to install and use:

[http://retroshare.sourceforge.net/](http://retroshare.sourceforge.net/)

------
tlrobinson
The problem really boils down to reputation and trust. If you can create a
"portable" reputation that can move among decentralized marketplaces the rest
is relatively easy.

But that's a very hard problem.

------
TomGullen
Oh god, something like this surely you'd want to distance yourself away from
Silkroad as much as possible? Call it something else. Don't mention SR.

~~~
d23
I doubt he's gonna make it. I think it was just thrown out there as an idea.

~~~
ChuckFrank
email me.

------
debacle
It would be easier to just create a new Silk Road website.

This site also fails to cover the laundering aspect of sending/receiving from
a DPR wallet.

------
wf
This is way way off topic but it has been really bothering me lately: Why do
so many people misspell "losing"? In the wrap up of the OP:

> _The federated distributed marketplace will be much more difficult to shut
> down. And even in the case of shut down, no one is loosing their money._

I have been seeing this everywhere lately and someone even tried to argue with
me that _I_ was misspelling it. Why is this such a common screw up? Lose only
has one o as does lost. I see no plausible explanation.

~~~
goshakkk
It's one of only a few words that I keep misspelling over and over again. But
why post a comment dedicated solely to proper spelling of "lose" and wondering
why so many people misspell it? What's the point?

If anything, you could submit a PR or just say "hey, there is a typo".

(Fixed now.)

------
okey
Calling this SR2 might not be the best idea, given the intent of the original.

------
yeukhon
Why are we encouraging black market?

------
leishulang
someone will make it eventually. and when it's done, it will be more than a
github repo.

------
ye
Freenet is anonymous, distributed storage and application framework.

Do we need to reinvent the wheel?

[http://en.wikipedia.org/wiki/Freenet](http://en.wikipedia.org/wiki/Freenet)

[https://freenetproject.org/](https://freenetproject.org/)

