bisq-network / proposals

@bisq-network improvement proposals
https://bisq.wiki/Proposals

Replace the role of Refund Agent with a new team of Arbitrators that can together publish one of several pre-signed 2 of 2 multisig timelocked payout transactions as proposed by a Mediator #220

Closed by wiz 3 years ago

wiz commented 4 years ago

This is a Bisq Network proposal. Please familiarize yourself with the submission and review process.

Summary

This is a proposal to modify the Bisq trade protocol so that both trade parties create a set of pre-signed 2 of 2 multisig timelocked payout transactions at the time an offer is taken, and encrypt these transactions to the public keys of members of a newly established Arbitration team so that a majority of members of the Arbitration team can cause a Mediator's suggested payout to become effective by publishing the appropriate payout transaction to the Bitcoin network.

Rationale

When Bisq v1.2 was released, the Bisq trade protocol was modified from utilizing a 2 of 3 multisig to a 2 of 2 multisig deposit address for trade funds and security deposits. This was done to improve the security and decentralization of Bisq, making it truly peer-to-peer, and to eliminate a potential attack by Legacy Arbitrators where they could collude with a trader to steal trade funds and security deposits. After changing to a 2 of 2 multisig removed the ability for trade disputes to be quickly resolved using Legacy Arbitration, the role of Refund Agent was created to resolve trade disputes.

However, the Bisq user experience was severely degraded in the event of an unresponsive trade counterparty, bugs in the Bisq application, or intentional scam attempts by a trader. Currently traders must wait 10 or 20 days to be refunded in these cases, and the Refund Agent needs to use a significant amount of his own capital to refund these traders until he can be refunded by the DAO. Trading volume has dropped, and user satisfaction has decreased.

Additionally, this has now become an urgent problem for Bisq as the current Refund Agent wishes to resign, and there is no volunteer willing or able to perform the role. This proposal aims to solve both issues at once by eliminating the need for a Refund Agent by utilizing a set of pre-signed timelocked payout TX that can be published by a majority of Arbitration team members after a shorter time period, but also retaining the current 2 of 2 multisig security model so that Bisq remains truly peer to peer.

Causes

There are many causes of a trade failing to be resolved by Mediation and requiring Arbitration, but these are the most common:

Unresponsive Trade Counterparties

Bugs in the Bisq software

Intentional scam attempts

Proposal

Currently if a Mediator makes a suggested payout, it has no effect in the above cases and is simply ignored by the defaulting party. This proposal is for developers to implement the following new pre-signed timelocked payout transactions, and to encrypt them to the public keys of 5 members of a new Arbitration Team.

Establish a new Arbitration team

Duties: Arbitrator team will consist of 5 highly trusted people who will verify any suggested payout by a Mediator and decrypt the proposed payout transaction if they agree with the Mediator and jointly publish it to the Bitcoin network

Requirements: Must currently perform at least 2 bonded roles for Bisq, and have posted bonds for those roles. Additionally, no Arbitration team member can be a mediator since it would create a conflict of interest, so they will have to resign as Mediator if becoming an Arbitration team member.

Primary Members: @sqrrm @m52go @wiz
Backup Members: @cbeams @ripcurlx

Pre-signed Payout TX for DAO Donation Address

Currently when an offer is taken, both trade parties create a pre-signed payout transaction that can be published by either party when the timelock expires. This allows funds to be donated to Bisq and the traders to request a refund from the Refund Agent. This will remain as-is, and function as a fallback mechanism in case the new Arbitration is not successful for some reason.

New Pre-signed Payout TX Scenarios

Bisq developers will need to implement several new timelock payout transactions signed by both parties, for the following potential payout scenarios. These payout TX will have a locktime of double the soft time limit for the applicable time limit, for example in the event of a BSQ trade which is 24 hours, this time limit would be 48 hours, allowing mediation to begin after 24 hours and arbitration to be completed after 48 hours.

1) Buyer does not pay or is refunded by Seller, and Parties mutually agree to cancel trade

2) Mediator verifies Buyer paid as agreed, but Seller unable to confirm payment due to bug in Bisq

3) Mediator verifies Buyer paid as agreed, but Seller causes delay by neglecting to acknowledge payment, or Seller fails to respond within time limit

4) Mediator verifies Buyer did not pay, or Seller claims Buyer did not pay, and Buyer fails to provide proof of payment, or Buyer fails to respond within time limit

5) Buyer intentionally breaches trade agreement due to deception or fraud

6) Seller intentionally breaches trade agreement due to deception or fraud

Developers / Mediators: if you can think of other potential payout situations, please comment with suggested additional payout scenarios

Encryption to Arbitration team using SSSS

After the above new payout TX are signed, they will be encrypted to the public keys of the Arbitration team members using SSSS, so that the trade parties cannot broadcast them by themselves, and only 3 of 5 of the members of the Arbitration can decrypt them by working together. This might be best implemented in the app using the existing Arbitrator GUI with a button for Arbitration team members to approve a suggested payout by a Mediator.

Implement native OS notifications for all platforms

The final part of this proposal is to create a BSQ bounty for the successful implementation of native OS notifications for all supported platforms without adding a new jar dependency.

Feedback

Feedback requested from @sqrrm @cbeams @ripcurlx @chimp1984 @m52go @refundagent
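The "encrypt to the Arbitration team using SSSS" step above names Shamir secret sharing with a 3-of-5 threshold but does not show the mechanism. The following is an added example, not Bisq code and not part of the proposal: a small Shamir split over GF(2^8) of a constructed placeholder byte string that stands in for a serialized pre-signed payout transaction. Any 3 of the 5 shares reconstruct the bytes; 2 shares reconstruct unrelated bytes with no indication that the threshold was missed. It does not cover wrapping each share to an arbitrator's public key, authenticating shares, or letting the trade peer verify an encrypted signature, which is the objection raised later in this thread.

```python
"""Added example (not Bisq code): a 3-of-5 Shamir secret-sharing split of a
byte string, standing in for a pre-signed payout transaction, over GF(2^8).
Any 3 of the 5 shares recover it; 2 shares reveal nothing but noise."""
import secrets
from itertools import combinations


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (the AES field)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def gf_inv(a: int) -> int:
    """Multiplicative inverse via a^(2^8 - 2) = a^254."""
    if a == 0:
        raise ZeroDivisionError("no inverse of 0 in GF(2^8)")
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def gf_poly_eval(coeffs: list[int], x: int) -> int:
    """Evaluate a polynomial (coeffs[0] is the constant term) at x, Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = gf_mul(acc, x) ^ c
    return acc


def split_secret(secret: bytes, k: int, n: int) -> list[tuple[int, bytes]]:
    """Split `secret` into n shares so that any k of them recover it.

    Every byte of the secret is the constant term of its own random
    degree-(k-1) polynomial; share i is each polynomial evaluated at x = i.
    """
    if not 1 < k <= n <= 255:
        raise ValueError("need 1 < k <= n <= 255")
    polys = [[b] + list(secrets.token_bytes(k - 1)) for b in secret]
    return [(x, bytes(gf_poly_eval(p, x) for p in polys)) for x in range(1, n + 1)]


def combine_shares(shares: list[tuple[int, bytes]]) -> bytes:
    """Lagrange-interpolate every polynomial at x = 0 from the given shares.

    With fewer than k shares this still returns bytes, but they are unrelated
    to the secret: the caller gets no signal that the threshold was not met.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    out = bytearray()
    for pos in range(len(shares[0][1])):
        acc = 0
        for i, (xi, yi) in enumerate(shares):
            num, den = 1, 1
            for j, (xj, _) in enumerate(shares):
                if i != j:
                    num = gf_mul(num, xj)       # (0 - xj) == xj in characteristic 2
                    den = gf_mul(den, xi ^ xj)  # (xi - xj) == xi ^ xj
            acc ^= gf_mul(yi[pos], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)


def every_quorum_recovers(shares: list[tuple[int, bytes]], k: int, secret: bytes) -> bool:
    """True if every k-subset of the shares reconstructs `secret`."""
    return all(combine_shares(list(q)) == secret for q in combinations(shares, k))


if __name__ == "__main__":
    # Constructed placeholder; a real deployment would share the serialized
    # signed payout transaction (or a key that encrypts it), not this string.
    payout_tx = b"presigned-timelocked-payout-tx-placeholder"
    shares = split_secret(payout_tx, k=3, n=5)
    print("any 3 of 5 recover:", every_quorum_recovers(shares, 3, payout_tx))
    print("2 of 5 recover:", combine_shares(shares[:2]) == payout_tx)
```

Each arbitrator would hold one `(x, bytes)` share; the quorum that agrees with the Mediator pools three of them and broadcasts the recovered transaction. Because reconstruction with too few shares silently yields garbage, a real scheme would add a commitment or MAC over the secret so a 2-share attempt can be detected rather than broadcast.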

clearwater-trust commented 4 years ago

I believe the naming scheme of Arbitrator and Mediator is confusing and not needed in this proposal. There is no reason to separate this group of individuals with separate roles. They should all post the same bonds and be directed under the same role.

Edit for clarity: They should all be mediators and/or arbitrators.

huey735 commented 4 years ago
I agree with the spirit of the proposal. The new trade protocol leads to funds being locked up longer than necessary thus affecting the liquidity. But feel like this may be over-complicating things. We want an arbitrator/mediator role to be able to come in and solve disputes and release funds as soon as possible. And we want the possibility of publishing the following payouts:

| | btc-buyer | btc-seller | description |
|---|---|---|---|
| amicable | trade amount + security deposit | security deposit | trade goes accordingly |
| amicable | security deposit | trade amount + security deposit | traders decide to back out of the trade |
| hostile | trade amount | both security deposits | trade is successful but btc-buyer is penalized for infringing on the trade protocol |
| hostile | everything | nothing | trade is successful but btc-seller is penalized for infringing on the trade protocol |
| hostile | nothing | everything | trade isn't successful and btc-buyer is penalized for infringing on the trade protocol |
| hostile | both security deposits | trade amount | trade isn't successful and btc-seller is penalized for infringing on the trade protocol |

This can be achieved by having a payout tx sent to a 2of3 multisig made up by the traders and one of these 5 arbitrators. It is important to note that if we have the choice of arbitrator at the offer-taking step we can reduce the risk of theft by the number of arbitrators. Given that the choice is random and the arbitrators don't collude. With 5 arbitrators and a 20% security deposit the traders would have better assurances than now.

MwithM commented 4 years ago

This proposal has potential to improve a lot of things from the current trading protocol and the only thing I dislike is that it has been seriously considered after acknowledging that refund agent does not scale. I have 2 doubts and 2 possible improvement proposals.

  1. Arbitrators will demand evidence to traders or that task should be done exclusively by mediator? What should arbitrators verify and what channel will be used for that?

  2. Now security deposits can be asymmetric (seller puts fixed 15% and buyer 15% or more, maker decides that). Could there be any problem with the asymmetry of costs between buyer and seller when buyer puts more security deposit than seller?

These payout TX will have a locktime of double the soft time limit for the applicable time limit, for example in the event of a BSQ trade which is 24 hours, this time limit would be 48 hours, allowing mediation to begin after 24 hours and arbitration to be completed after 48 hours.

  1. I think time limit doesn't necessarily need to be the double for all payment methods. Altcoin instant have 1 hour trading period and SEPA has 6 days. Responding in 2 hours is too little for the first payment method, and 12 days is too long for the second. A reasonable time for altcoin instant would be 12 hour (although maybe still not realistic) and 2 or 3 extra days for SEPA would be fine. Anyway, it would still be a great improvement from the current situation.

  2. I would add one more payout scenario, which might be infrequent but possible: both traders are dickheads: Bisq should penalize both of them when none of the parts has shown any will to reach an agreement, responded messages late or, in general, have infringed trade protocol in a certain way.

@huey735 Your proposal also relies on arbitrators not colluding (although it would be more difficult to take profit of collusion unless they're all colluding), and if one of them falls sick there will be delays, while wiz proposal makes it possible to substitute unresponsive arbitrators. Also, sharing signature of payouts looks better in legal terms?

sqrrm commented 4 years ago

This proposal reintroduces a trusted third party (TTP) into the trade protocol. While it looks possible to implement all this it also makes the whole complexity of the refund agent and burning man pointless. I think it would also be possible to do this as a multisig structure and return to the previous way.

However, I see a trusted third party as a critical flaw in a distributed system and I don't think it's a good idea to reintroduce it, at least not as a core concept. It's an existential threat to Bisq.

The idea of having several presigned payout transactions sounds like it could be a useful mechanism though. Perhaps adding this as an optional feature could work. That would possibly avoid a lot of the friction in current trades while anyone not wanting to use it could opt out, on both the trader and TTP side. There is a legal risk for anyone partaking in the TTP group but there might not be an existential risk to Bisq. The problem is the implicit requirement users could put on using this feature meaning it could become a basically forced feature.

I agree there is a need to make the trade process smoother and I welcome the discussion but I'm not convinced this proposal is the way to go.

clearwater-trust commented 4 years ago

This proposal reintroduces a trusted third party (TTP) into the trade protocol.

You cannot trade FIAT without a TTP. Nature of the beast. No amount of clever coding will eliminate fiat trading risk and the requirement of a trusted third party.

MwithM commented 4 years ago

@sqrrm

This proposal reintroduces a trusted third party (TTP) into the trade protocol.

The current trading protocol does not remove the trusted third party, it just delays its activity, which, together with long timelock period, is bad for user experience (more than 10 days to solve altcoin disputes, 20 for fiat) and security (10 days to acknowledge lost funds). At least this proposal distributes risks.

The only way we know to remove TTP is by 2of2 multisig and high security deposits (overcollateral) to allow Mutual Assured Destruction schemes, where both traders are responsible on completing a trade because both have something to lose at any step of the settlement.

sqrrm commented 4 years ago

@MwithM That is fair, we're still using the DAO as a TTP. I'm thinking that the DAO is sufficiently distributed that there is no particular central point that carries a particular legal risk and that the DAO is not easily pressured into acting a certain way.

huey735 commented 4 years ago

@sqrrm as both @MwithM and @clearwater-trust mentioned above, the Trusted Third Party never left and in the new protocol it was what led to the recent exploit. As of today @burningman2 can take all offers and just sit and wait for the funds to be sent to their address.

@MwithM you make a great point regarding the redundancy flaw in my suggestion. I don't know much about SSSS but given that 3of5 of the arbitrators can decrypt the transactions then that's the better way.

  1. Regarding workflow. Given that we won't abolish the Mediator role, I think that they should approach the traders and come up with a solution then. If one of the traders is clearly at fault the mediator can then present the case to the arbitrator and point them to the correct payout.
  2. I don't see any downsides to keep the current security deposit model. What do you have in mind?
  3. I agree with you.
  4. I hadn't thought of that. It seems fair, the mediators time is valuable and I'm all for punishing traders if they go against trade protocol.
MwithM commented 4 years ago

About 2 (security model): I guess it's just that I never felt right that seller deposit is fixed to 15%, but this is working now and can be changed later.

clearwater-trust commented 4 years ago

In this proposal, a team of 3 of 5 arbitrators is required to make the payout.

Why are we using 5 and not the number x = total amount of individuals dealing with trade failures?

Separating this workgroup is not necessary. (Mediators/Arbitrators) They should all have the same privileges and be equally invested in ALL trade disputes.

x being the total number of mediators/arbitrators required to run all of Bisq’s markets. Or 2 of x. Or 5 of x. I don’t know.

Within the workgroup they can designate who will be available to review and sign eachother’s payouts in the event of a trade failure.

Why are you trying to separate this workgroup? Why did you make it 3 of 5 in the proposal?

huey735 commented 4 years ago

@clearwater-trust I don't know what @wiz had in mind but it makes sense to me to separate the two as Mediators wouldn't have keys pertaining to the multisig. They're there just to help the trades through the process. So they have less responsibilities and the role can be scaled easier to multiple languages. Arbitrators having to adjudicate have an entire different responsibility. I see this group of 5 arbitrators working well with even 100 mediators. The mediators would deal with the traders and in case of contention the arbitrators would just need the word of the arbitrator and one trader to make a payout. Also, it doesn't seem to me that a majority of signatories would be necessary for the SSSS scheme.

clearwater-trust commented 4 years ago

They should all read, review and arbitrate failed trades. No impotent mediator slavery required. Signing a transaction is NOT work.

Creating a powerless mediator role is workgroup suicide.

Separating the "failed trade" team into some weird hierarchy is worthless serfdom.

chimp1984 commented 4 years ago

How should the verification of the alternative payout txs work if they are encrypted and not visible / verifiable by the trade peer? This is especially a risk for the seller as he has more to lose and would open up the door for blackmail attacks when the buyer creates an invalid signature and the seller has locked up more funds in the 2of2 MS.

If the peers would exchange the alternative payout txs/signatures (unencrypted) then any of them could easily publish the best outcome for them (e.g. seller gets all or buyer gets all).

So I don't understand how this should work from a technical and security point of view.

But beside that it would introduce again the old problem of the legacy arbitrator and just mitigate it by distributing it to a group of people instead of one person, but that would likely not lower the legal risks that this group could be interpreted as TTP. Using all team leads for that group would be an "invitation" how to shut down Bisq on the human resource side by applying legal pressure....

To use multisig and multiple arbitrators was always on the table with the old protocol as well but was considered a not substantial improvement so it never got implemented. Beside that, multisig (or SSSS) suffer from the inflexibility when members leave.

I don't see the need for SSSS instead of the more convenient and Bitcoin-native Multisig instead. E.g. group of arbitrators sign payout.

Considering that new protocol idea as optional would carry difficulties in UX and compatibility when one trader wants to use protocol 2 and other protocol 3. At least you would get lots of offers disabled if there is no match, and then you need to explain the users the complexity of the reasons for that -> a UX nightmare.... Giving the users the choice would also introduce a UX hurdle as they need to understand the 2 protocols.

I understand the problems with the current situation but what has been done over the past months to improve the known problems? IMO there are 4 main problems causing arbitration:

I think on the bugs side we got some improvements and I am not sure if there is much open. Probably most cases are due to "future trades" caused by a higher price volatility not covered by the security deposit. This area needs improvement urgently! I will add a few ideas below....

For UX I think we could relatively easy add some popup or graphics to make it more clear to newbies that they have to be online and check Bisq's trade status. I assume some users are not aware of that, but its likely a very small percentage, but a problem which could be mitigated relatively easy.

Regarding laziness/carelessness: More, better notification systems would help as well as higher deposits.

Ideas to combat "future trades":

I think as long those more simple steps are not implemented we should not try to do the much harder work like trying to introduce a new trade protocol.

ricardosaurio commented 4 years ago

Totally dislike this proposal. A better one would be to have traders to choose if they want 2/2 or 2/3 multisig with arbitrator.

wiz commented 3 years ago

How should the verification of the alternative payout txs work if they are encrypted and not visible / verifiable by the trade peer?

@chimp1984 I didn't have the solution, but now I do. We can use musig-dn to verify the encrypted data: https://medium.com/blockstream/musig-dn-schnorr-multisignatures-with-verifiably-deterministic-nonces-27424b5df9d6

initCCG commented 3 years ago

TLDR: Since after 4 years and the DAO, it's still down to proposals of 3 of 5 arbitrators - some of them known founders and devs - perhaps it's time to approach outsiders in escrow business for new ideas and arbitration diversity. There is a thread of reputable, long-standing escrow agents on BitcoinTalk; maybe some might have innovative suggestions or would even get engaged to arbitrate and free the devs for development? Perhaps, a BSQ bounty to advance over some obstacles, such as this one?

(Problem seems bigger than RA issue. To ordinary outsiders, seems clear that this part of Bisq is still centralized around the same original people and so by necessity and youth is the DAO. Is the part of it with the decisive voting power and consistent engagement still not much more than the devs who made it, and rightfully continue to earn most of the BSQ?

From the users' perspective, increasing protocol complexity is one of the things repelling old and new users in our experience, especially those who don't know English. All the steps, rules and limitations started making it seem like dealing with the legacy banking system and PayPal. Some payment methods have been driven out of use. A good example is that right now, there are exactly 3 users in the whole world that have Cash Deposit offers on Bisq. From our experience, it's likely that the new rules don't allow one of them to take the offer of the other, even though the accounts are not new. CD is one of the most common payment methods in our regions of the world with billions of people, but no longer on Bisq.

So many mediocre, nothing-new exchanges appeared years after Bisq, and outscaled it within a few months or a year. If we are still trying to find a way to scale key parts, such as final arbitration, seems that either the whole idea of a decentralized exchange can't scale, or more likely some new ideas are needed from the broader cryptosphere. I'm sorry that we are not smart enough to suggest technical solutions. :( Nevertheless, as active users and grassroots promoters of Bisq in several regions and markets, we can testify that the trading protocol changes since the DAO don't seem to be the way to scale or increase the user base. Until there are some, perhaps, best to go back to the original arbitration protocol. Bisq is not under any clear and present threat of any attack on the arbitrators to go after a few percent of a few percent of disputed funds of the overall DeFi market.)

chimp1984 commented 3 years ago

@initCCG Can you make an issue with the issues you had with cash deposit. @pazza83 might be able to help to improve that payment method.

initCCG commented 3 years ago

@initCCG @pazza83 I'm sorry, the trader doesn't remember what happened exactly. She said some kind of a list came out of what to do, and she decided not to figure it out, because the trade wasn't worth the trouble, and English is not her strong skill. I asked to try to duplicate. If she does, I will update.

initCCG commented 3 years ago

One of my associates brought up some data he thinks useful to support the case I tried to make that Bisq arbitrators are not under any imminent threat of attack. So, the arbitration protocol could be returned to the previous 2 of 3, until radically better ideas appear.

To the cryptosphere, Bisq's main bread is XMR, which is 60% of the trade volume: https://coinmarketcap.com/exchanges/bisq/ However, as a % of the overall XMR trade, XMR volume on Bisq is 0.00%. https://coinmarketcap.com/currencies/monero/markets/ Have to go to 76th ranking on market cap to find!

Let's say that's wrong, and it's far more - several %! That's still insignificant for most traders to even participate, as we well know, much less for legal and illegal criminals to attack Bisq contributors.

Furthermore, behold the current report from the most organized of criminals regarding "INTERNET ORGANISED CRIME THREAT ASSESSMENT": https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2020

OpenBazaar is going out of business, is centralized around the OB1 corporation, appeared around the time Bisq did, and was mentioned in the report. Particl appeared only a couple years ago, and mentioned in this report.

Bisq is not even mentioned!!! AFTER 4 YEARS! It is so insignificant, that these gangsters didn't even care to mention it as a false boogyman!

The point is that until Bisq starts to get single digit volume at least on XMR, and appears on the radar of at least such organized, well-funded thugs, its founders and operators need not hide or decentralize. DAO needed for funding? OK, great! These other decentralization initiatives are so far solutions without a problem, until Bisq is actually in at least as much demand in the crypto markets as its lamest competitors above.

chimp1984 commented 3 years ago

To go back to the old arbitration system is totally out of the question.

pazza83 commented 3 years ago

With regards @wiz's and @huey735's suggestions for New Pre-signed Payout TX Scenarios.

As the security deposit percentage has been updated to be between 15-50%, would it be appropriate to discount 'security deposit' and instead replace it with a figure based on 'percentage of trade amount'

15% of 'trade amount' would represent 100% deposit
7.5% of 'trade amount' would represent 50% deposit

I think this would be accurate based on when the proposals were made, May 2020, as at the time the security deposit was fixed to 15%?

Sometimes a trader might be unable to adhere to the trade protocol in terms of timing and communication due to illness, injury, computer issues, life events etc. In these cases their losses would be limited to 7.5% of the trade amount.

Setting a percentage of trade amount that both Buyers and Sellers entering the trade would be content to lose, or be in profit, if they, or their counterparty, were unable to complete the trade should be achievable.

A loss of 7.5% of 'trade amount' for traders unable to adhere to trade protocol seems reasonable (eg delayed payment, unresponsive counterparty, funds sent from incorrect account, new users making mistakes due unfamiliarity with protocol)

A loss of 15% of 'trade amount' for traders intentionally breaching trade protocol seems reasonable (eg requesting buyer to send fund to another account, attempting arbitrage, not going ahead with trade due to their own mistake)

A profit of 7.5% of 'trade amount' for traders whose counter party is unable to adhere to trade protocol seems reasonable
A profit of 15% of 'trade amount' for traders whose counter party intentionally breaches trade protocol seems reasonable

A loss of everything for traders trying to fraud / scam / damage Bisq or their counter party is reasonable (eg adding 'payment for Bitcoin' in the bank reference!).

With regards @MwithM's scenario of what if both traders are dickheads, adding to Wiz's suggestions, I would suggest:

  1. Buyer and Seller do not follow trade protocol:
  2. Buyer and Seller are scammers and colluding together to defraud Bisq:
    • DAO donation address gets everything
    • Buyer and Seller can put their case forward separately to the DAO for a vote on any reimbursement
chimp1984 commented 3 years ago

How should the verification of the alternative payout txs work if they are encrypted and not visible / verifiable by the trade peer?

@chimp1984 I didn't have the solution, but now I do. We can use musig-dn to verify the encrypted data: https://medium.com/blockstream/musig-dn-schnorr-multisignatures-with-verifiably-deterministic-nonces-27424b5df9d6

I assume you refer to MuSig not the concrete blogpost about the security fixes. I don't see how MuSig makes any difference here to normal MultiSig from a conceptual point of view. There is still the problem that the receiver of encrypted signatures cannot verify anything. There might be some advanced zero knowledge proof schemes to make such stuff possible, but that is beyond any realistic possibilities for us (not having the cryptographers capable of such and not the financial resources to get that developed).

chimp1984 commented 3 years ago

@pazza83 I don't understand your post. The current mediator can do the suggested payout from giving all (minus the min. refund of 0.003 BTC) to one party if there was a clear protocol violation. For not malicious violations it is up to the mediators judgement to distribute. Once it goes to arbitration 100% of all funds+deposits are sent to the burningman and there converted to burned BSQ. The arbitrator can also judge if and how much any party should get refunded. So we have all flexibility managed by human judgement in place.

I think @wiz intention was to find a model where a 3rd party could release the funds without using the refund agent model. IMO this is very similar to the old 2of3 multisig arbitration which could have been extended also to a group of arbitrators (3of5 or the like) doing the payout together. This idea was out since long but never got considered to be implemented as the coordination problem between the arbitrators would have added considerable complexity and friction and the main problem that there is a 3rd party partially controlling the funds (in some context) was just delegated to more entities but not solved.

pazza83 commented 3 years ago

@chimp1984 I was attempting to make a suggestion for how trade disputes can be settled at mediation and arbitration with regards the comments about 'New Pre-signed Payout TX Scenarios.'

I am not commenting about the bigger issue of 'replacing the role of Refund Agent with a new team of Arbitrators'.

Consider the two following trades that are taken where the seller of BTC becomes unable to complete the trade within the required trade period due to hospitalization, injury, computer failure etc:

Trade A
Market: XMR/BTC
Trade Amount: 2 BTC
Payment method: Altcoins
Trade duration: 24 hours
Deposit Percentage: 50%

Trade B
Market: XMR/BTC
Trade Amount: 2 BTC
Payment method: Altcoins
Trade duration: 24 hours
Deposit Percentage: 15%

In the above scenarios the trade is categorized by @wiz as:

  1. Mediator verifies Buyer paid as agreed, but Seller causes delay by neglecting to acknowledge payment, or Seller fails to respond within time limit.

in this instance the loss of 50% deposit represents a significant difference between even trades of the same amount in BTC (Trade A and B).

The point I am was trying to make is that as the security deposit amount is now a variable (15-50%) would it be appropriate to instead define the payout as follows:

  1. Mediator verifies Buyer paid as agreed, but Seller causes delay by neglecting to acknowledge payment, or Seller fails to respond within time limit.

Using this methods payouts would be as follows:

Trade A
Payout amount for BTC buyer: 3.15 BTC
Payout amount for BTC seller: 0.85 BTC

Trade B
Payout amount for BTC buyer: 2.45 BTC
Payout amount for BTC seller: 0.15 BTC

The above is a little more complicated and I expressed it poorly mathematically. But it does take into account the variable deposits that can be chosen. I think these have only been introduced fairly recently.

My question with regards to New Pre-signed Payout TX Scenarios is: Should Trader A (trading with larger deposit) be penalized more than Trader B (trading with a smaller deposit) in the instance of them being unable to complete a trade within 24 hours?

My view is that limiting any loss/gain to 7.5% of the trade amount, due to being unable to trade in a 24 hour window, is fair for both buyer and seller.
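The Trade A and Trade B payouts in the comment above follow from a rule the comment states only in words (the penalized side forfeits 7.5% of the trade amount, not its whole deposit). The following is an added example, not Bisq code and not written by any participant in this thread: a small payout calculator that applies either the "whole security deposit" rule or the "fraction of trade amount" rule to a 2-of-2 escrow and returns both sides' payouts to satoshi precision. It assumes symmetric deposits as in the two trades above, and adds one rule of its own, marked in the code: a penalty larger than the deposit is capped at the deposit, because the escrow holds nothing more to move.

```python
"""Added example (not Bisq code): payout arithmetic for a failed trade under
two penalty rules, so the Trade A / Trade B numbers above can be reproduced."""
from decimal import Decimal, ROUND_DOWN

SATOSHI = Decimal("0.00000001")


def _btc(value: Decimal) -> str:
    """Format to 8 decimal places without exponent notation (e.g. '0.00000000')."""
    return f"{value.quantize(SATOSHI, rounding=ROUND_DOWN):f}"


def payouts(trade_amount: str, deposit_pct: str, btc_to_buyer: bool,
            penalized: str, rule: str, fraction: str = "0.075") -> tuple[str, str]:
    """Return (buyer_payout, seller_payout) in BTC as decimal strings.

    trade_amount   BTC being sold (the seller's trade funds)
    deposit_pct    security deposit each side posted, as a fraction of the
                   trade amount (symmetric deposits, as in Trade A / Trade B)
    btc_to_buyer   True when the mediator found the buyer paid and the trade
                   amount goes to the buyer; False when it returns to the seller
    penalized      "buyer" or "seller": the side that broke the trade protocol
    rule           "full_deposit"   -> forfeit the whole security deposit
                   "trade_fraction" -> forfeit `fraction` of the trade amount
    fraction       penalty fraction for the trade_fraction rule (default 7.5%)
    """
    amount = Decimal(trade_amount)
    deposit = amount * Decimal(deposit_pct)
    if penalized not in ("buyer", "seller"):
        raise ValueError("penalized must be 'buyer' or 'seller'")
    if rule == "full_deposit":
        penalty = deposit
    elif rule == "trade_fraction":
        # Assumption added in this example: the escrow cannot pay out more
        # than the penalized side locked up, so cap the penalty at the deposit.
        penalty = min(deposit, amount * Decimal(fraction))
    else:
        raise ValueError("unknown rule")

    # Where the escrow would go with no penalty at all.
    buyer = amount + deposit if btc_to_buyer else deposit
    seller = deposit if btc_to_buyer else amount + deposit
    # Move the penalty from the penalized side to the counterparty. The total
    # is unchanged, which is what a single pre-signed 2-of-2 payout must respect.
    if penalized == "seller":
        seller, buyer = seller - penalty, buyer + penalty
    else:
        buyer, seller = buyer - penalty, seller + penalty
    return _btc(buyer), _btc(seller)


if __name__ == "__main__":
    # Trade A and Trade B from the comment above: 2 BTC, seller unresponsive,
    # buyer already paid, so the trade amount goes to the buyer.
    for label, pct in (("Trade A", "0.50"), ("Trade B", "0.15")):
        for rule in ("full_deposit", "trade_fraction"):
            b, s = payouts("2", pct, True, "seller", rule)
            print(f"{label} {rule:14s} buyer {b} seller {s}")
```

Running it reproduces 3.15 / 0.85 and 2.45 / 0.15 under the trade_fraction rule and shows that under the full-deposit rule the Trade A seller loses 1 BTC versus 0.3 BTC in Trade B for the same 24-hour lapse, which is the asymmetry the comment is pointing at.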

chimp1984 commented 3 years ago

@pazza83 Ah ok.

I think that proposal got interpreted as something which is planned/feasible. But I don't see a way how that could be done in a secure way (encrypted signatures cannot be verified and thus cannot be trusted). See https://github.com/bisq-network/proposals/issues/220#issuecomment-629582705

The current mediation/arbitration system has 100% flexibility anyway (beside that mediators have to give at least 0.003 BTC to the losing side, to leave incentive that this peer cooperates). So as long there is no convincing solution for the basic conceptual problems of this proposal I think discussion on the details which payout variations would make sense is lost effort.

flix1 commented 3 years ago

I see that we are back to the old TTP v MAD hard choice.

I don't have the answer but I agree with @chimp1984 that going back to 2-of-3 sigs with arbitrator would be a mistake. It will never scale to millions of users.

I also agree with @sqrrm that having several presigned payout transactions can be a very useful mechanism. We have not fully explored its possibilities.

...and I agree with @MwithM that a 2-of-2 MAD system would be the simplest, most scalable, most pure p2p and most uncensorable long term solution. Maybe it would make sense to try it with small amount trades (0.01 BTC ) to see if % of failures is reduced over time.

flix1 commented 3 years ago

Bisq will come under attack by regulators as soon as volumes become significant. That could happen as early as 2021. When that happens any person that touches funds or has any kind of control of user funds (ie: the 3rd signature) will have legal responsibility and can be accused under AML regulations at least in the EU, US.

Any TTP will be a central point of attack. Even devs will come under attack, but at least as open source software Bisq should be fairly resilient to devs having to quit over those concerns.

We need to come up with solutions that remove those vulnerabilities for good.

For some alts atomic swaps should work (especially BSQ).

For fiat-BTC maybe a combination of 0.01 BTC MAD 2-of-2 trades + instant payment method + API could create a kind of payment channel...

flix1 commented 3 years ago

Another possible combination would be to make the Trusted Third Party itself a protocol. ie: make the arbitrator a robot that acts according to pre-established rules.

That would make use of presigned payout transactions while retaining 2-of-2 multisig and pure P2P protocol. Maybe this will be possible with the API.

Or the combination of a human mediator that suggests a solution (but has no control of funds) and a bot that makes the actual payout taking into account input from 1. buyer 2. seller 3. mediator.

flix1 commented 3 years ago

Establish a new Arbitration team Duties: Arbitrator team will consist of 5 highly trusted people who will verify any suggested payout by a Mediator and decrypt the proposed payout transaction if they agree with the Mediator and jointly publish it to the Bitcoin network

Primary Members: @sqrrm @m52go @wiz Backup Members: @cbeams @ripcurlx

Establishing a named arbitrator team is basically painting a target on your back. Any regulator would immediately know who to go after when investigating Bisq. At least in the old protocol arbitrators were anonymous!

Then you get arbitrators being arrested or pressured and we are back to 2-of-2 without arbitration... or worse.