On Thu, Mar 6, 2014 at 11:07 AM, Mike Hearn <mike@plan99.net> wrote:

if some sort of Stealth address or HD wallet root was the identity gaining the reputation, then address re-use wouldn't have to be mandatory.

The identity would be the X.520 name in the signing cert that signed the payment request. It doesn't have to be a difficult to obtain cert. It could even be self signed for this use case, but then you lose the security benefits and a key rotation would delete your reputation, so in practice I think most people would want the reputation to accrue to the name itself.

That makes sense, to have self-signed certificates as a basic start, but then is it possible to have a Bitcoin user (address) add reputation/sign such a certificate, rather than having a central signing authority? If there was a way for a Bitcoin user to provide feedback on a payment (ECDSA signature from one of the addresses involved in the payment, signing an identifier of the payment and a feedback score) such that any user can add to the reputation with just the Bitcoin infrastructure, without having to learn X.500 certificate signing on top of EC signatures? If there was a standard structure for a message to be EC-signed with your Bitcoin client, and then a distributed store of those signed messages, could that form a reputation score?