After Rishab's posts on the uses of digital reputation credentials, I'd like to present some thoughts on how to implement them. Thoughts on creating a Reputation Capital Framework This document is split into three parts: A creating a useful, basic system of service, methods of distribution and implementation of reputation information, and possibilities for extending the system which may make the whole thing unworkably complex, but also may make it much more useful. I am going to begin by not rigorously defining reputation capital. The initial application, IMHO anyway, is magic filtering. The cypherpunks list gets up to 500 messages per week. Right now, I filter based on whose messages I like to read. This is a weak system that requires manual updating. It does not automatically respond when someone who I respect says "I've enjoyed XX's posts." I think that the framework I outline here can do magic filtering well. It also has the ability to evolve into a full fledged system for complex digital reputations in various realms. The simplest system would be where people collect statements of the form "I respect Alice. /s/ Bob." * Alice would collect statements like this, and append them to the bottom of her writings so that people who respected Bob would have a clue that they might be interested in what Alice has to say. A 'web of respect' could easily be formed, with each step away causing some reduction in value. The number would have to be large enough that reputations could spread--ie, that people could get some use out of this beyond an elaborate name for a kill/hotfile. It would also need to be small enough that reputations lines do not extend forever. Eventually, you don't care what Kim thinks of Loius. I would guess that some multiplier between .9 and .05 would work well. People you respect directly get the highest rating, people further away lose some amount of that respect until it trickles down to nothing. * the statement "I respect Alice. /s/ Bob." is analogous to "I find Alice's work interesting, informative, or otherwise worth reading. If someone would like to suggest a name other than reputation credentials for this, I'd be happy to hear it. Note that in this simple system, statements do not have any numerical value attached. Bob can not respect Alice 30% or 99% of the time, he only gets a binary statement. Its an obvious extension to let Bob say "I respect Alice 80% of the time. /s/ Bob." I only point this out because it is not mandatory that a system be constructed this way, and in fact, even a very simple system could be quite useful. With the addition of partial respect, the need for an automatic reduction in value becomes much less clear. If Alice respects Bob 50% of the time, and Bob respects Charlie 50% of the time, then Alice will probably find that a 25% respect rating for Charlie is good enough. (I'm not going to get into possible variations here; things seem to work well using percentages for reputation credentials and negative percentages for disrespect. The numbers are multiplied together, shrinking away to nothing pretty quickly, except in the case of a group of people with a good deal of mutual respect for each other.) Also, if several reputation credentials come in for one entity, they can simply be averaged together. This respect rating is relative; there is no central organization to say that Charlie's Used Cars sells great vehicles 25% of the time, its just what Alice's agents will be able to gauge how interesting Alice might consider someones work to be. Someone she occasionally respects sometimes thinks well of Charlie, so its more likely that she will be interested in what Charlie has to say, at least in comparison to someone Alice has never heard of at all. In this system, it makes sense for Charlie to spend a lot of time making his customers happy at first, and holding on to their endorsements of him, because there is no time limit on the statements, and no way to retract opinions. So, those are two natural enough extensions. Decaying reputations, based on the age of the signature, cause a reputation cred. to eventually become useless. Then there is the matter of retracting, or post-facto changing your statement of a reputation. This is more problematic. Remember right now, Alice, Bob and Charlie are simply collecting these reputation credentials, and storing them themselves. If Bob sends Alice a statement "I no longer respect Alice at all. /s/ Bob, 1 Sept 1994," Alice can simply forget to include it in her list of reputation credentials. If she commits to it through some crytpographically strong protocol based on her actions, she can probably dump it, and do business for some period of time before someone runs through all the work to confirm her reputation is as she presents it, and discovers she is lying based on outdated credentials. A solid system needs to ensure that up to date, complete credentials are available for most people most of the time. In my next message, I'll show several possible designs for systems that could exist in parallel to distribute reputation information, and explain why each would be useful. I'll also sketch out a set of programs to demontstrate how the system could be used.