<p dir="ltr"><br>
Den 13 mar 2015 20:57 skrev &quot;Kalle Rosenbaum&quot; &lt;<a href="mailto:kalle@rosenbaum.se">kalle@rosenbaum.se</a>&gt;:<br>
&gt;<br>
&gt; Hi all,<br>
&gt;<br>
&gt; I&#39;ve been thinking about how a person can prove that she has made a payment. I came up with an idea I call Proof of Payment (PoP) and I would highly appreciate your comments. Has something like this been discussed somewhere before?<br>
&gt;<br>
&gt; Use cases<br>
&gt;<br>
&gt; There are several scenarios in which it would be useful to prove that you have paid for something. For example:<br>
&gt; A pre-paid hotel room where your PoP functions as a key to the door.<br>
&gt; An online video rental service where you pay for a video and watch it on any device.<br>
&gt; An ad-sign where you pay in advance for e.g. 2-weeks exclusivity. During this period you can upload new content to the sign whenever you like using PoP.<br>
&gt; A lottery where all participants pay to the same address, and the winner of the T-shirt is selected among the transactions to that address. You exchange the T-shirt for a PoP for the winning transaction.<br>
&gt;<br>
&gt; These use cases can be achieved without any personal information (no accounts, no e-mails, etc) being involved.<br>
&gt;<br>
&gt; Desirable properties:<br>
&gt; A PoP should be generated on demand.<br>
&gt; It should only be usable once to avoid issues due to theft.<br>
&gt; It should be able to create a PoP for any payment, regardless of script type (P2SH, P2PKH, etc.).</p>
<p dir="ltr">Relevant: <a href="https://idemix.wordpress.com/">https://idemix.wordpress.com/</a></p>
<p dir="ltr">Anonymous Credentials allows an issuer to declare that you have certain rights. For example, upon paying the service provider could issue you the credentials for using their service up until a certain date. </p>
<p dir="ltr">When challenged to prove a statement about what credentials you have, you can prove the fact that you&#39;ve got the right credentials without revealing anything else. You don&#39;t even reveal you&#39;re the same person as the last time, if you prove the right to access a VPN multiple times there&#39;s no data in it that links the different sessions together. </p>
<p dir="ltr">The main difference is that issuance of Anonymous Credentials aren&#39;t &quot;atomic&quot; with the payment transactions, which can open up the risk for certain types of dishonest behavior by the seller. You could however use a proof in court of having paid for the credentials but not getting them issued to you (maybe throw in usage of Factom to log issuance of credentials?). With this construction of using both these methods, you add stronger privacy for the usage of the services while simultaneously keeping a degree of accountability for the payment. </p>
<p dir="ltr">The Zerocoin developers also got a paper on a blockchain version, &quot;Distributed Anonymous Credentials&quot;. </p>