What's the best multisig strategy and why? 2/2, 2/3, 3/3?

Main goal of multisig is to make it so exit scam is impossible, and to decrease the value of taking down the marketplace: Don't want the enemy to get coins. Any two party mulitisg works for that, but what protects best against cheaters, and/or allows for most sales/economy?

Escrow options:

2 of 2:

Bad because both users can try to export one another by not releasing ALL the funds and redirecting some back to them.

Marketplace can try to scam vendors by not releasing all the funds to them: this is however only one transaction per vendor and would be a weak exit scam attempt.

2/3

The possibility that buyer is unhappy, but vendor + marketplace will collude. Semi-safe if buyer or marketplace gets taken down as the other can sign.

Two people can gang up on the other, but this requires a lot of coordination and risk to the two scamming parties.

3/3 Buyer + Vendor + Marketplace: everyone happy, but the buyer might not cooperate once product received. Risks everyone fund if anyone is taken down. Two parties can scam third party by not releasing funds unless they send some their way (which wasn't agreed upon before transaction).


I used to think 2/2 for buyer/vendor was best -- but I don't think buyers will be responsible.

2/3 has it's own set of issues but seems to have worked in the past and would require at least two members to conspire against the other. This likely reduces risk of scamming... but, maybe not that much. It would most often be Vendor + Marketplace, but it could be Marketplace + Anyone who wants to give more profit to the marketplace.

OR it could be buyer + vendor: sign the transaction by skipping the fee to the marketplace, and the buyer can have half of it back :)

I am now thinking it could be 2/2 with Vendor + Marketplace, as exit scam is impossible (sorta.... " I'lll relase only half your Monero if you send the other have to me!") least this would only happen once to all vendors all at once (unless they kept using the service)....


Comments


[2 Points] ilostmylunchmoney:

I'd say 3/3 is inferior to 2/2 when the two are the buyer and the vendor, adding a third party who may suddenly exit and leave the buyer and vendor fucked is not a good idea. Obviously the market can't steal the coins, but if using 3/3 a vendor may have a 100+ 3/3 multisigs that will be stuck in limbo even if they are still in contact with their customers. In the case of a dispute it doesn't matter who the market sides with, if the buyer and vendor don't agree those coins aren't going anywhere.

2/2 buyer and vendor - the buyer doesn't gain anything from refusing to sign off, they have paid and have no hope of seeing their coins again without the vendors consent so unless they get nabbed or something you can be fairly sure they will cooperate. And if you are a good vendor your customers will want to come back time and time again, vendors could refuse them service if they have outstanding transactions to complete.

2/3 is basically like escrow that the market can't steal. This is the other good solution, provided the market is not in cahoots with either other party.

2/2 vendor and market - a up for 2/3 that's more noob buyer friendly. The buyer has to trust the market to represent them well in the case of a dispute. Like 3/3 if the market shuts down suddenly the poor old vendors are left with a heap of incomplete transactions so when possible 2/3 should be used instead.

In all situations you could easily fund the market with vendor payments. To become a vendor you would have to pay a bond, to remain a vendor after that you pay a small regular fee (like a weekly retainer, equal to 3% of last weeks sales for example). If a vendor refused to pay their listings would be removed, and they would have to sign up with a new PGP key (and lose most of their customers) and pay a new bond. So they would want to pay the retainer (they'd push this on to the buyer anyway).

In conclusion I'd recommend 2/2 buyer and vendor or 2/3, and tax the vendors a little bit to make the market worthwhile.


[1 Points] Dontworrybeready:

All of these multisig solutions have to have timelocked txs signed by the market, releasing the coins to the vendor after a long time period like 3 months.

Without timelocked tx 2of2 (market, vendor)

the funds will be locked forever in case the market goes down. Still better than regular escrow because these coins can't be confiscated and used against us, nor stolen, but the vendor prefers to get his coins at the end.

Without timelocked tx 2of3 (market, vendor, buyer)

With timelocked tx the vendor is guaranteed to get the funds after 3 months without the consent of the buyer. The transaction is already signed by the market, only needs a sig by the vendor and it releases the coins to a pre-set address of the vendor.

In case of a dispute or vendor exit scam, the market can refund the buyer by creating a tx before the timelock would expire. The tx is signed by the market and the buyer, and releases the funds to the buyers address before the vendor can move it with the timelocked tx.

2of2 (market,vendor) with timelock doesn't protect the buyer from a vendor's exit scam, because the vendor will receive the funds after 3 month no matter what. But it's still better then regular escrow because the market has less incentives to make an exit scam, and it cannot be stolen or confiscated. And the buyer can just create a signing key and use 2of3 multisig instead.

IMO the best way to do this on a website based market is

Market fees should be taken of from the withdraw transaction even though it's problematic if the buyer have to send the payment directly to the multisig escrow address, because in case of over/under payment the market can't act alone to move the funds. The other problem is that the vendor might collude with the buyer to escape the market fees but that will be a rare occassion.


[1 Points] None:

2/3 Hands down because it only requires 2 of the three parties to conclude the transaction.