[undata] Deed system for #bitcoin-assets, updated.

Saturday, 17 January, Year 7 d.Tr. | Author: Mircea Popescu

The spec :

1. Bot idles in chan. Upon receipt of command including pastebin link,

2. Bot reads first line. If equal to "-----BEGIN PGP PUBLIC KEY BLOCK-----" bot adds key to its keyring, verifies that key fingerprint matches a trusted participant by calling w.b-a.link/trust/7C1FBEC924FBD66531A02AE3F95E4E395927DC9C/fingerprint/

2.1. Should the verification fail bot deletes entry from its keyring ;
2.2. Should the verification succeed bot signs the key and pushes it to public repositories.i

3. If first line equal to "-----BEGIN PGP SIGNED MESSAGE-----" bot separates all signed documents contained in pastebin into individual units. For each unit :

    3.1. Bot extracts the sig fingerprint through a process homologuous to gpg -v -v ;
    3.2. The json found on the webpage at w.b-a.link/trust/7C1FBEC924FBD66531 A02AE3F95E4E395927DC9C/fingerprint/json is loaded and parsed.
    2.3. L1/L2 trust is computed on the basis of information from 2.2. If this results in L1 or L2 trust > 0, bot includes the whole message (from begin headers to end headers inclusive) into a special, \n separated blob. Otherwise, bot deletes keyid from its key ring.

4. Blob is hashed as a privkey for a Bitcoin address, obtaining that address.

5. A 0.0001 payment is made to that obtained address.

6. Once payment from 4 has received one confirmation, the bot uploads the blob on a website as a textfile, of the format blocknumber-bitcoinaddress.txt, where blocknumber = number of the block that included the tx and bitcoinaddress = the address that received the payment.

7. Bot announces the url of the textfile in channel.

For convenience, the sequence 3-7 should run once each hour, having all material obtained in the respective hour managed together.

Note that this spec has already been implemented twice in the past five months. It is not a very difficult thing to implement. It is however very important that the implementation lives forever, so therefore keeping it online no matter what is the hard part of the task.

Note that this spec was last updated on January 18th, 2014.

You can cut the job into yearlong slices if you prefer. You can also contact punkman to recover previous effort if so inclined.

UPDATE. After discussion in #bitcoin-assets, undata was placed in charge of this project.

  1. gpg --send-keys keyid []
Category: Job Board
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

4 Responses

  1. Is the ability to sign multiple documents in one go very important to you?

    I'm asking because separating multiple concatenated GPG documents by looking at strings like "-----END PGP MESSAGE-----" may not be rock solid, since for example removing a couple of dashes, or the whole line altogether for that matter, would still leave a message that GPG would happily parse and consider perfectly correct.

  2. Mircea Popescu`s avatar
    Mircea Popescu 
    Sunday, 18 January 2015

    You mean to pass along multiple indepedently signed documents in one go ?

    It seems a point of convenience. Moreover, gpg chokes on dashes out of place, try it yourself.

  3. I did, this verifies fine for example

    Hash: SHA1

    derpy derpo
    Version: GnuPG v1

    -----END PGP SIG
  4. Mircea Popescu`s avatar
    Mircea Popescu 
    Sunday, 18 January 2015

    But that's just one document ? Not really germane to our discussion ?

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.