True, that would work, but still how are you going to bootstrap the trust? TREZOR is well known, but in a future where there could be 100 different companies trying to release a similar product to TREZOR it seems like one company could corner the market by being the only one that is an accepted instant provider at most vendors. It seems to encourage monopoly unless there is a standard way to bootstrap trust in your signature.


On Mon, Jun 16, 2014 at 1:32 PM, Mike Hearn <mike@plan99.net> wrote:
On Mon, Jun 16, 2014 at 10:29 PM, Daniel Rice <drice@greenmangosystems.com> wrote:
I'm trying to think through how to encourage the maximum number of instant signature providers and avoid the VISA monopoly. Ideal case would be that people can even be their own instant provider.

A provider does not have to be an interactive third party. One reason I suggested using X.509 is so secure hardware devices like the TREZOR could also be instant providers. The hardware would be tamperproof and assert using a secret key embedded in it that the tx came from a genuine, unflashed TREZOR. The the server can know the device won't double spend.

In this way you have decentralised anti-double spending. Of course, it's an old solution. MintChip sort of worked a bit like this.