Re: Interledger and Privacy from Arie Yehuda Levy Cohen on 2015-10-20 (public-interledger@w3.org from October 2015)

From: Arie Yehuda Levy Cohen <arielevycohen@gmail.com>
Date: Tue, 20 Oct 2015 11:29:34 -0400
To: Dave Longley <dlongley@digitalbazaar.com>
Cc: public-interledger@w3.org
Message-ID: <CAJ+R0wSad1W4NsN4K7SfmfLEON+_fCPR9MEy5kHsTJYC4Aie5g@mail.gmail.com>

Good point Dave; I wonder what everyone thinks about that?

Also, and riding on your initiative to start a discussion via this channel
(which is the idea), here are some thoughts/questions to add to the
discussion;


   1. how do we vet "trust" of the connectors?
   2. in a world of risk mitigation and systemic risk exposure, would it be
   safe to say that having different types of connectors is wise?
      - ie; banks in all jurisdictions
      - wire houses v regional
         - commercial v IB's
      - cpa's, accountants
      - lawyers/barristers
   3. would there be a need to rate these connectors or give them a "score"
   akin to rating agencies?
   - on speed / response time?
      - proactivity and accountability?
      - crypto escrow insurance?
   4. given the connector ultimately holds the money for however long in
   "escrow":
   - is there counterparty risk relative to where the escrow money sits
      (call it escrow risk??)?
      - could central banks play a role here?
      - IMF / BIS?
   5. in the case of Identity being critical, would there not be a strong
   case for Security?
   - dynamic keys?
      - 3FFA?


--

Heritage & Legacy Advisory | Multi-Generational Wealth Preservation

ARIE Y. LEVY-COHEN
FINANCIAL ADVISOR | INTERNATIONAL CLIENT ADVISOR
PRIVATE WEALTH MANAGEMENT | NEW YORK
ECONOMICS | FINANCE | BLOCKCHAIN TECH
P: 917.692.6999

On Tue, Oct 20, 2015 at 11:17 AM, Dave Longley <dlongley@digitalbazaar.com>
wrote:

> All,
>
> I asked a question during the interledger presentation inquiring about
> what information is leaked about senders/recipients to connectors. The
> question was answered from the perspective of an "altruistic" connector,
> essentially that connectors don't need to know all that much so they'll
> only use whatever is necessary to help complete a payment.
>
> However, I was thinking more of rational or byzantine connectors. Is
> there anything in the protocol to discourage entities from creating
> connectors that provide cheap paths to complete payments -- so that they
> can, for instance, track (and potentially sell) sender or recipient
> behavior? Is there anything in the protocol to help protect privacy?
>
> While it appears that the protocol does a lot to guard against
> adversaries that seek to attack the payments themselves, but what about
> other attacks or "abuse" of meta-data? By introducing third parties
> (connectors) into the payments process, there may be other undesirable
> behaviors that aren't directly related to payments that need to be
> mitigated.
>
>
> --
> Dave Longley
> CTO
> Digital Bazaar, Inc.
> http://digitalbazaar.com
>
>

Received on Tuesday, 20 October 2015 15:30:04 UTC