Payment Face to Face


#1

Localethereum has the mean of payment Cash (in person), I wonder if Bisq could use this method, scrupulously respecting the confidentiality of the parties involved and also respecting the lack of communication until the precise moment of the face-to-face meeting.

My proposal for the debate:

To put an offer the bidder could indicate the country, the city and the place, for example: Morocco, Casablanca and Rick’s Cafe

The offer would have a calendar where the bidder would mark the days and times that he could go to the appointment, while the offer is valid. One month? two months?.

When someone takes the offer, he would select a day and an hour from the available ones.

Known the place and the time and known the Bisq trade ID, making contact would not be very difficult

It would be much better if the country and the city could be selected from a geographic database, to minimize the free text.

The norms of the operation would force the specified meeting places to be public (squares, bars, cafes). The arbitrators will take this into consideration in any dispute.

Thieves are a danger, but except the two sides no one else knows the exact date and time of the encounter, but it is a risk that must be considered.

This problem could be minimized by making it mandatory for the bidder to introduce three places for the meeting. The buyer must accept one of the places.


#2

I fear there is no security the model and the arbitrator can provide. LBTC has reputation and ID verification, which might reduce risks. What can the arbitrator do if one says he did not got the money or the BTC. The who pays first even if it is jsut seconds is a real problem.
Beside that it would be a honey pot for robbery. The BTC seller could wait at the place, watch for a geeky guy with laptop and then follow him after he gave up waiting and not finding the seller. Then in the next dark street the seller could rob the buyer knowing he came with xxx USD.
I know that despite the risk people use it and I would love to find a save solution but so far I have not. Some high security deposit might help but that would be a usability killer.


#3

Thieves are a problem but it can be enough if you have to specify 3 alternative sites to choose from. The choice of that place and the selection of the appointment time among the possible ones can make the place and time unpredictable by third parties.

Nor would it be necessary to carry a laptop if Bisq have a simple system of mobile alerts. It would not be very difficult to have the Bisq instance on the home PC send a message to the mobile when an offer was made and, also, Bisq could finish a transaction when it received a message with a code.

It is true that the referee will not help much in the transaction, but it could help to make the rules of the game (places, etc.)

The truth is that people use this type of systems a lot, and that of Localethereum is certainly working. If this is the case, I do not see why Bisq will not be able to use it. https://localethereum.com/


#4

What I don’t get from localethereum’s model is why would you need to put ETH in a multisig account. At localbitcoins, for face to face transactions you don’t have to send money to localbitcoins, you can go with your btc wallet to the place of the exchange, and just send that to the btc buyer.
Specially when there’s not a single register of the cash part, having ETH in a multisig doesn’t look like a big help.


#5

In bisq the advantage is that you would go to the appointment with the transaction initiated, and both parties would have something more of more interest in finishing the operation than if they came only with their wallets.

An additional level of security that occurs to me now, would be the following:

Only merchants who havean bank account age of 2 months can trade face to face. Both parties will know the name and bank account of the other side.

This type of traders can choose the face-to-face transaction type

This knowledge of identity will prevent thefts.This system, together with the specification of three places and the mobile alerts from Bisq could make this system much safer than LCB and Localethereum


#6

The idea to allow it only to users who have already traded by bank account is interesting. The contact via the bank transfer is a kind of piggy-back KYC at least in case of a crime it will help to identify the other peer. That adds real security.
Though a main concern is that those users most interested in F2F trade do not want to use the banks in first place and it limits your trading peers to those with whom you have traded already.

To not carry Bisq on a laptop with you would cause a lot of code changes. The trade process is complex and to add a specialized process for F2F trade will not be feasible in the next 6-12 months. Also codes will not help as you need the signed tx from the peer to redeem the MS funds, we do not want to introduce a classical escrow as it is done at LBTC.

One main concern beside security with F2F trades is that LBTC is the market leader there and beside them there are several others, so what could we really add to compete? You have to be 10 times better then the market leader to be able to compete. I have not seen ideas so far which fulfill that.

Though I am very interested in that field and would love to find a proper solution.
The idea to make a trade via banks is definitely a good one but I fear it is not enough.
Time locked payout transaction might help against risk that the buyer is robbing the seller after the BTC are released. If there is a day delay the arbitrator could make an alternative payout thus making the first payout timelocked tx invalid. But that only adds security for seller not for the buyer. The seller could rob the buyer before starting the trade. Then the arbitrator has to figure out which is problematic. Recording all as mobile video might help, but some will not like that as well for privacy reasons. Also both would need to record it and that might be not so easy in some locations.

With the theft risk mentioned in my first reply I meant that the trade peer is actually not showing up at the place but hiding close to it and observing the BTC buyer and then robbing him outside of the location. Not sure if that happens a lot in LBTC but it is definitely a risk IMO.

The only secure way I see so far is that both lock up a security deposit higher than the trade amount which only gets unlocked after a delay when both traders are confirming success. But what happens if one does not, how can the arbitrator verify who did not play by the rules?


#7

Well, I’m not talking about a Bisq mobile application, but something much easier: the instance of Bisq that is working at home can send an email to the mobile phone when the user is away from home, notifying when the other side confirms an operation.

Additionally, Bisq will listen to the email and if it receives an email with a code then will sign tx, just as if the user pressed the button. This does not seem complicated to implement.

The bank account association can limit theft attempts, as well as the possibility of using mobile, avoiding a visible laptop. It would also be useful to put several appointment places, to choose one.

Total security does not exist with these methods, and I think it is a mistake to pursue it. What you should do is improve any other existing system, because people will continue to use these methods.

The idea of blocking the BTC is good and the referee could see the police reports that one party put against another (remember they know their bank accounts) A false police report for theft it is very serious. You have to remember that everything will happen in a public place.


#8

The way is implemented now, do bank account age also register number and quality of trades made? Because the main objective of this measure is to prevent btc sellers from stolen bank accounts, where theft is highly motivated to empty the bank account as soon as possible.


#9

Yes with the APIs remote controlling the app can be done.

My main concern is if we are not 10 times better (or even worse) than LBTC why should users move?
LBTC has reputation and ID verification in place which helps for such a model. Also as it is a webpage it is easier to access for many. Don’t misunderstand me I would really love to find a way, I am just skeptical that the effort is worth it.
Bisq’s main value proposition is privacy and security. With F2F trades I think we are still short with security compared to LBTC.


#10

No it only takes the date when the payment account was created.
See: https://github.com/bisq-network/proposals/blob/master/payment-account-age-witness.adoc


#11

Yeah, if a buyer can’t prove he gave cash or the receiver can’t prove he didn’t receive it, Bisq can’t be of any use here. It would just bind Bisq’s reputation with something it has nothing to do with. A simple P2P message protocol would be just as efficient here.


#12

So that would be another difficulty for F2F because we can only prove the age of an account, not good past behaviour.


#13

I think it would be very interesting, for any purpose, to enter in the AccountAgeWitness the information, True or False, of whether the user has successfully made at least one operation. I do not think it’s a good idea to extend the concept to the number of trades, but it would be a good idea to know that a user has made at least one operation. The referee of the operation could block that flag


#14

I do not think any P2P messaging protocol can be better than Bisq in that purpose, Bisq is less vulnerable to bans and less vulnerable to social engineering, and the use of bank account information would protect both sides.

It is true that some operations could fail, I think you will never find a completely perfect solution to this type of trade, but then buy BTC in a P2P system will always pass, inexorably, by a bank?


#15

Do you think that feature would outperform LBTC? If so by which factor?


#16

In Germany, LCBT is forbidden, which makes it easy to see that there the Bisq solution would be better than LCBT by a factor of 100%. The same for the rest of the countries where it can not be used.

On the other hand, trading F2F knowing who the other person is and without aggressive identity tests, seems better than a reputation system, which tends to centralize the system, and ends up producing more problems than it solves:

The factor that would improve this to the LCTB system, will be the quotient of the success rate of operations in Bisq and LCBTC

My reasoning is that if the operation starts with two users with verified bank accounts, an offer taken in Bisq with the corresponding security deposits, and a chosen location among several (up to 6 for example) proposals, the operation is more likely to succeed than one of LCTB that uses less reliable systems and can be subject to social engineering scams.


#17

Thanks for your summary of your view. I share it partly but I am still not convinced enough to put it as high priority for myself. But any dev is welcome to work on it (I need to focus also on the DAO and arbitration system anyway so even if I would be more convinced I would not be able to do it). It comes with a bit of effort to make it user-friendly so it will be considerable more effort than adding a normal payment method.

I want to emphasize that your idea with using the past trades with a bank account as a form of piggybacking KYC is a very interesting one!


#18

I think that:

  1. The hardest part about arranging a F2F exchange is finding a willing exchange partner locally. Doing so requires a service with enough network effect to attract participants worldwide.

  2. LBC is useful for this, but they try to funnel users through their escrow service which means loss of possession of coins and trusting a centralized third party at least temporarily. Not everyone wants that, and some like myself actively avoid it and will only deal with the few traders that publish their contact info so no need to use LBC’s deposit-based communication channels. This leaves a market opportunity (niche) for Bisq, which should not require escrow.

  3. Bisq can serve a useful function to facilitate two parties finding each other and arranging a meeting location. Most of the infrastructure is already in place: offers, orderbook, p2p network, growing trading community, etc.

  4. It is a mistake for Bisq to attempt to arbitrate or take any position of responsibility for the trades. reason: It is practically impossible for Bisq arbitrators to validate the transaction. Even if video recorded by both parties, the bills could be counterfeit, etc.

  5. Reputation system(s) can help with (3) but are not a guarantee. Also, are difficult to implement without a way to validate that trades occurred successfully, and to avoid gaming eg via fake/sybil accounts trading with eachother.

  6. Given (3) and (4) the only valid approach I see is for Bisq to simply give both traders a big BOLD disclaimer stating that they are entirely responsible for results of the trade, no arbitration is possible, and they could very well be robbed, harmed, scammed, etc, etc, and make user explicitly acknowledge that risk before each and every transaction, possibly by requiring user to even manually type or handright/sign a sentence of acknowledgement. This is to cover Bisq’s ass. :slight_smile:

  7. There are some users such as myself that have never and will never perform trades that require identity through a bank, and also will never use a third-party based escrow. (Not your keys, not your bitcoin). As far as I know, there is not any service that directly caters to this use-case. Bisq is perfectly suited to do it.

  8. Additional services surrounding the trades could be provided by third parties. For example a service to stream video to during the trade, in case of robbery. Or an escrow service. Or checking cash bills for counterfeiting. Or even an armed 3rd party bodyguard to accompany and “watch your back”. Or even performing the exchange on your behalf for a fee. These things do not need to be provided by Bisq directly. There is such a thing as personal responsibility. Bisq needs to recognize that its only role here is matchmaker to facilitate/initiate a trade… not to create some sort of false guarantee warm fuzzy for participants. Indeed, provision of these services can be thought of as market opportunities for early members of this community / forum.

  9. IANAL, but I would think that by NOT providing a reputation system, abitration, requiring deposit, or any pretense at protecting users and actively warning them up front, Bisq would be in a better situation legally in case of harm to F2F traders than if Bisq does try to protect them, or makes any assurances of protection, and fails.

  10. Even given (9) I personally would find it helpful if a reputation system is in place. I would suggest the following: a trader can have a count of the number of successful (without arbitration) fiat trades performed with trade partner via banking institution. This count would exclude crypto-crypto trades and F2F trades because these are too easy to fake/game. Individuals that provide a lot of liquidity would surely perform many many such trades, and thus could accumulate a count of 10s or 100s of trades.

Those are my thoughts, as someone that cannot / will not use Bisq for fiat exchanges with the present model, but likely would if the above approach is adopted.


#19

Perhaps one day Bisq will have multiple purposes, but F2F is going to be very different from current trades.
Maybe what makes the most sense is to have the transaction recored live or in the presence of the arbitrator.
Since there would be no real way to prove that people in the video really are the traders in question or someone else. Live feed would probably be the most useful here, but obviously would require a bigger arbitration fee as it would take more time and it would have to be scheduled.
This would probably be the simplest and most similar adaptation of the Bisq protocol to F2F trades.


#20

Like Peertrader, I think it is wrong to try to fully control a F2F transaction. Live Feed is not the solution, it is very cumbersome. The measures that I had mentioned before should be enough.

I also agree with Peertrader that Bisq is well positioned to offer this type of service, which responds to a real demand.