-----BEGIN PGP SIGNED MESSAGE----- At 6:17 PM -0500 on 12/2/01, Adam Shostack wrote:
In which case, you might be better off transferring the asset, rather than the nym.
Pretty much. Except that a nym may hold more than one asset, and might be easier to transfer than all the other stuff is. Take a look at the arguments for unification of currencies that preceded the creation of the Euro, and, more properly, something from the early 1980's called "New Monetary Economics", advocated by people like Eugene Fama (efficient market hypothesis) and Fisher Black (Black-Scholes option pricing calculations) which argued the opposite, that as computation increased, "numeraires", like the pound or the dollar, could be de-coupled from the assets that they were barter-proxies for. You may be right, though. Only when we do it will we actually find out.
Yeah, mature markets solve problems. How to create a mature market is a question that apparently can't be solved for all the tea in China, or all the oil in Russia.
Maybe, but even immature markets have to make money or they're killed in their cribs. My favorite analogy is how bugs learned to fly, which, if you remember your PBS science shows, evolved from skittering across the surfaces of ponds...
Not that I think the solution is all that hard; reading Smith, Hayek, Friedman, Nozick and some other smart people gives you a very clear map, but the folks with the guns over there still haven't read Olsen's last book (thanks), where he explains that thugs do better to let the economy grow than to take all the money at once.
I don't think so. The ones who fail, like the Taliban, keep getting shot to encourage the others, right? Again, immature markets, including monopolies for force have to make money or they're killed in their cribs. Three orders of magnitude, and all that? :-).
| Just to sort of thrash things a bit, in a capital markets | transaction, an exchange isn't such a hard thing to do, in the | sense that a secondary bearer-form asset transaction (primary is | like an IPO, or, for cash, a collateral asset conversion like an | ATM | transaction), cash for bond, say, would require the participation | of the underwriters in the exchange protocol. [...] | At primary issuance, a trustee is involved, so, that probably | supervises the Underwriter, who ever it is owns the underwriting | engine. The above should hold for all kinds of unique, uncopyable | things, teleoperated surgery, or opinions, for instance.
A nym is none of these.
I'm not so sure. If you create a nym as a unique entity which has control of keys which control assets, the word "unique" points to bearer-instrument protocol of some kind. A stock-exchange seat comes to mind. You don't want to sell multiple copies of a key, for instance, at least for lots of interesting uses. Which brings to mind the idea of a contingent claim, a derivative, for those of you in Palm Beach County. That points to protocols like Juels and Jakobssons's XCash, in which an executable itself, paying attention to signed inputs and capable of exercising control of an asset, is blinded and transferred around in a unique fashion, but I'm not sure how something would used exactly in the case of a nym. Clearly, once you have control of the nym, the nym can do anything it wants, but, I expect that most behavior involving other assets will be monitored by others in some fashion. I'm not saying government, of course, because they aren't efficient enough. But markets happen when people agree on certain kinds of behavior between themselves, and someone ends up ejudicating that behavior. The crypto-anarchic escrow agent comes to mind, for instance.
| I expect, for physical goods, some variant of this model holds, | because there's someone responsible for the physical supervision | of a given asset with a net-based audit/authentication of that | supervision of some kind, signed video, or whatever.
Or these.
Agreed.
| For "software", in the Gary Becker sense of something that can be | copied, all we're really looking for is something which | authenticates that a given copy of an information good is in fact | signed by the person proported to be the "author" of that | information/content/code. Coupled with a decent third-party | time-signature mechanism, you're fine, because, after the first | copy, such a good is a purely fungible commodity ala Hughes' | "Institutional Piracy", or the Agoric guys' "digital silk road", | or my "recursive geodesic auction" stuff. Such situations are | classic examples of so-called "perfect competition", as found in | physical graded-commodity markets everywhere.
So here's the rub. A nym (as I'm using the term) is control over a private key thats associated with some reputation, which Alice is trying to sell to Bob. Alice can not provide direct assurance that she won't keep copies of the thing she's selling.
Which means, you need a different protocol for selling them. I think you walked away too soon from the idea of a nym as a financial instrument, a contingent claim of some kind. Title to assets, at the very least, plus or minus "goodwill", for lack of a better word. I *think* it's part of the definition of a firm, in the Coasean sense of a collection of assets that are worth more together because they can transfer the value of those assets for more competitive advantage internally than the firm gets if those assets are sold into the market directly.
Through intermediaries, Bob can buy some insurance that the revocation games Alice can play are limited.
See, you're talking about finance already :-). Insurance is a contingent claim on assets based on external events. Remember how they called program trading of various derivatives "portfolio insurance" once apon a market crash?
How valuable that insurance is depends on the trustworthiness of the intermediaries, how likely the reliant parties are to properly check signatures, and the value of social engineering in a field where process issues are not yet well understood. (See also http://www.seifried.org/security/articles/20011023-devil-in-details. html)
Say 'amen', somebody...
There might be a relationship here to the sale of music bits; the RIAA is all worked up over issues of how do they sell the same bits over and over. If you can answer the question of "How to sell a set of bits exactly once?" you may be able to answer the question "How to ensure that I don't keep a copy of those bits?" or "How do I sell a million people copies of the same bits without them transferring them around."
First of all, I think that music shouldn't be copy controlled, because it's "software", in the pure Beckerian sense of something that can be copied, and, on the net it can be copied for almost nothing, something that probably makes Coase smile, somewhere, which was my point about commodity markets for information. The part about selling something once is what Chaum did already with DigiCash. The mint keeps a copy of the first "note", and, if another one crosses the transom, the key of the counterfeiter is revealed. Anyone who takes the cash offline, without the participation of the underwriter, deserves what he gets if the cash is double-spent, right? I think the apparatus for selling nyms is there already. Like I said before, all we need is an exchange protocol, something, like price discovery, has already been solved by lots of people (Micali has one, for instance, though I'm not sure how good it is because I'm not qualified to examine it), so we just have to find the best one. Cheers, RAH -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 iQEVAwUBPArNPcUCGwxmWcHhAQHpGgf/cDMZz2gDnP92nr81OhTQI4jaMsBzWJBx v6EJRGPRFeGDADrxqimpgnlEgfd2R64lUkrFTXm1gKUYgnIITPDlhDHGRoOXG2PL BOzkVVbFcnAzHsgKcHzvQAyoxjebMYxb2ZIzlY/wbC9eeY4J8A7PcJnyf4qPOVAN BAcOaLorcPWN97WDJvIzfvyYnVSTLSV1MfdgSBAdiPB0bf+cVCzKp0Gv/noYyU35 VKYbUtU8sLjoebQAxqMF4/qNTZdvsfcPXKR+4nJ4ofygIKCEoZN/qXrOjv1RqEy0 WZcbSEtW6BTSubAVdHvywDxCqNNYZEF6pfxSh3rh44ORRtxI7lF1JA== =mA6i -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'