Hello everyone!
We've just released Bitshops. A demonstrational Bitshop is available at /dnmdemo (password: demo). Note that the SSL certificate's domain name does not match, and you should add a security exception (see below for SHA1 checksum).
Bitshops uses client-side encryption to make sure nobody (including Bitshops itself) can read the contents of user-created webshops without that shop's "access password". Actual orders are asymetrically encrypted so only the buyer and seller can read it. Chat is provided, with the same security as orders.
Client-side cryptography also means everyone can audit the code responsible for security. We have not minified or obfuscated the JS code. The NTRUEncrypt library is compiled to LLVM (through Clang) and can be reproduced. We believe the measures in place are sufficient to make PGP or Tor unnecessary, but it is always good to mask your IP and have extra layers of security.
Bitcoin escrow is provided. If either party does not agree upon whom should receive the transaction Bitshops BV cannot make a judgement as it has no information. Therefore, in such situations, the funds will be kept by Bitshops BV. This is intended to be the only source of income.
To be clear; Bitshops BV does not encourage the illegal use of the website. When it receives a report that includes the decryption key ("access password") and a specific reference to Dutch law, or the law of the nation(s) targeted by the Bitshop, it will wipe the store. We keep no logs and all sensitive information is publicly available and encrypted, so that would be all we can do. In such an event we cannot award the Bitcoin still associated with the store for legal reasons. Depending on whether the escrow related income pays for hosting we intent to donate these funds to privacy improving projects, to prevent conflicts of interest.
The technical mechanism means site-wide search is impossible. Image Catalogs, which pack the entire Bitshop into an image, are still very experimental (often don't work), but are imagined to alleviate some of the pain of distributing store information.
We're here to answer any of your questions, please give us the opportunity to do so before drawing conclusions. (Feel free to draw harsh conclusions afterwards!)
Thank you for your attention, The Bitshops team
SHA1 key for the SSL certificate (issued by Comodo):
04:3E:4C:0A:EE:4C:E3:80:C0:E7:FE:3A:6E:38:B7:41:E3:1D:64:8D
This site is perfect for me to host my child porn.