Admin setup would define components to brand their site, setup commission rates, salary, PGP keys, multisig keys, etc.
At that point, the hope is that admin involvement could be minimal.
Vendors would signup and either pay a bond or get bond waiver if they vend on other markets like ebay already. Their identity is validated solely based on PGP encryption. Once they complete their setup of global options/definitions, they would focus on managing listings, order queue and messages to establish good feedback/reputation on the site.
Buyers would then signup and browse multiple categories of listings from all vendors who have listings posted.
Purchases would be made of a single item where buyer defines qty, ship option + checks out. They input a single field of info at checkout which is an encrypted ship address. Under no circumstance should non-PGP-encrypted info be made in order to leverage crypto-security and avoid any fraud based on their user details similar to the fraud that exists on traditional CC-based marketplaces.
The marketplace will run off a commission % and thus should be paid out to the admins bitcoin address for each completed order. An electrum MPK should allow each orders commission to be paid to a fresh btc address.
Workflow of common order would look like this:
- Buyer choose item which displays fiat price per qty range.
- BTC payment amount is calculated.
- A multisig escrow address is created using vendor and market msig sign keys + timelock release of 45 days. This is the escrow payment address where buyer must send funds.
- Upon confirmation on blockchain, buyers sees order status change from NEW to PENDING.
- Upon vendor SHIPPED status change, the buyer can tell item was shipped.
- If vendor CANCELS status change, the buyer receives a refund to their REFUND BTC ADDRESS. This is a rare event. MSig will require 2 signatures to drive the refund payment tx. This must be as easy as possible.
- Once buyer receives product they mark order as RECEIVED and this causes the market admins msig signing key to be used to sign the escrowed tx giving it 1 of the 2 signatures needed to send funds to vendor.
- Once vendor sees 1 signature has been made, they will then sign the tx to add the 2nd signature causing it to be sent to their WITHDAW ADDRESS.
- The order status is then changed to COMPLETE.
- Timelock of 45 days would mean market admin signature is auto-applied after 45 days so vendor does not need to explicitly trust the market admin to rely on getting paid or having their funds freezed like paypal.
- A dispute flag could be applied by buyer for non-receipt which would be the only deviation from this common workflow. The system is designed to provide transparent, standardized vendor guarantees and to promote the vendor/buyer to work it out themselves to avoid an admin mediation request. But this will inevitably happen from time-to-time.
- Admin can mediate an order dispute and make a ruling that pays vendor and refunds buyer 0, 50%, 100% of the order amount. The bitcoin tx must then be constructed to payout those % to the two parties and then begin the signing process.
- All mediation disputes data should be stored in user profiles to use in reputation profiles. i.e. how many disputes has user been party to and how many rulings did they win/lose/split?
- The goal is to allow for a tracking # to automate any dispute mediation since there is really no other way for a mediator to make decisions that are standard and transparent. A dispute should allow for entry of a tracking # to prove a delivery was made. This should be setup to allow for automation of dispute decisions either in v1 or a future version 2.