>
> Well, the totally trivial and stupid thing is for a list reader to
> sign a message saying "I think message X is spam" and send it to the list
Sorry, I re-read your message and noted the requirement to ahve no central
server. How about this:
1) To post a message, sender S takes a 2-dollar coin and then
uses some kind of verifiable secret sharing protocol to split it
into shares.
2) S sends the shares to the group agents.
3) Each group agent verifies that it has a share consistent with
the other group agents (see Byzantine Agreement for this one).
If any share fails, then something bad happens (what?). The
other problem is what happens if S just submitted a bunch of
garbage; I'm not sure how to deal with this DoS attack.
4) If a group agent thinks the message is spam, it sends its
share to Engineers Sans Frontiers or whoever. Otherwise it keeps
mum.
Now if enough group agents (1/2, 1/3, whatever) think the message is spam,
enough shares collect at step 4) to reconstruct the 2-dollar coin.
Otherwise not enough shares collect and the coin is never reconstructed.
Presumably S kept a copy and can spend it later.
No central server now, just needs a verifiable secret sharing scheme.
Pedersen has one, and another is part of the Proactive Security work I
mentioned previously.
-David
