GPG Contract

From bitcoin-otc wiki

It's a good idea for traders to require digitally signed contracts when exchanging in -otc. While such a contract can't inherently reduce the risk of fraud, it at least proves that the two parties involved in the transaction had agreed on some specified terms. This may come in handy if disputes arise.

Sample contract (IANAL etc):

05.02.11
'Alice' is the owner of the GPG key with fingerprint:
4F16 E4D6 BB9B D4A0 39F8  9644 DF23 CB88 2400 ACE3
'Bob' is the owner of the GPG key with fingerprint:
05CA A3B0 9322 1874 9D1A  2357 9C07 2DDC 4394 91B7

This contract is for the exchange of 20 Bitcoins at a 
rate of USD $3.25 per bitcoin, for a total of $65 USD. 

Bob agrees to send $65 USD, plus any fees charged by
Paypal, via a Paypal payment with transaction type 'Payment
Owed' (to reduce chargeback risks) to the paypal account
'alice@lol.com' within 24 hours of both parties
signing this contract. Alice agrees to send 20 bitcoins
to 1Dj1SocbbH9Lbb9aTdqSHB9AAjhdxNNZha within 4 hours
of receiving this Paypal payment.

Alice clearsigns the contract and emails it to Bob:

gpg --output ~/contract.signed.txt --clearsign ~/contract.txt

To verify that the message has a valid signature by Alice's GPG key, Bob needs to have Alice's key on his keyring. He first gets Alice's key info from Gribble:

;;gpg ident Alice
Nick 'Alice', with hostmask 'Alice!~Alice@unaffiliated/Alice', is identified as user Alice, 
with GPG key id DF23CB882400ACE3, and key fingerprint 4F16E4D6BB9BD4A039F89644DF23CB882400ACE3.

Bob next imports Alice's key from a keyserver using one of:

gpg --search-keys 2400ACE3
gpg --search-keys DF23CB882400ACE3
gpg --search-keys alice@lol.com

Once he has Alice's key, Bob can verify that the contract that Alice sent him was actually signed by Alice:

gpg --verify contract.signed.txt 
 -or- 
gpg --verify (then paste the message, then control-D to signify EOF on Linux)
 
 output:
gpg: Signature made Mon 02 May 2011 06:22:08 PM CDT using RSA key ID 2400ACE3
gpg: Good signature from "Alice (test) <alice@lol.com>"

Once Bob has verified that a) the contract has a valid signature, b) the key that signed it has the same key ID as Alice's public key, and c) he actually agrees to the terms of the contract, he writes 'Agreed' or similar somewhere outside Alice's signed message, then clearsigns the whole thing (including Alice's signed message). Bob then emails the contract back to Alice.

Here's what it looks like at this point:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I agree to these terms
05/02/11
- -Bob 

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

05.02.11
'Alice' is the owner of the GPG key with fingerprint:
4F16 E4D6 BB9B D4A0 39F8  9644 DF23 CB88 2400 ACE3
'Bob' is the owner of the GPG key with fingerprint:
05CA A3B0 9322 1874 9D1A  2357 9C07 2DDC 4394 91B7

This contract is for the exchange of 20 Bitcoins at a 
rate of USD $3.25 per bitcoin, for a total of $65 USD.

Bob agrees to send $65 USD, plus any fees charged by
Paypal, via a Paypal payment with transaction type 'Payment
Owed' (to reduce chargeback risks) to the paypal account
'alice@lol.com' within 24 hours of both parties
signing this contract. Alice agrees to send 20 bitcoins
to 1Dj1SocbbH9Lbb9aTdqSHB9AAjhdxNNZha within 4 hours
of receiving this Paypal payment.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iJwEAQECAAYFAk2/PKAACgkQ3yPLiCQArOOc/AP9GL0EgVQMTHZqOX5ynNVGBFb2
6eB7QzRdNQH8Zcj6R0y7fzbpYPbgwX+G3EYtsDjS4G3M8Ld1FFCcJ/JLJGlel91e
KLpXp/BWMRayn3KcFYoGogmONtxk1wOVoXF+wiK9jZYFIdjI87qh8iUOCboFVqQk
T3OG7odEKJOjNwYP+j0=
=2mDw
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iJwEAQECAAYFAk2/POcACgkQnAct3EOUkbd1cAP/UHRwSkwCsy4hihLU4xcIK2w9
4LtnPEl/CetLfOiE+0e1PySWk0lksii+/1rkdMzOM8e0keMjrE9kcQMs5p+e+pcJ
RRKMdmbnXx3k159CaNr7Bd5s1TDzbtsP2lGVE1zoGsZYtlEexwusi4Tw+SGSWxq6
XL9feecrfpsgdkCK6PY=
=D1YC
-----END PGP SIGNATURE-----

Alice should verify twice - once for her original message, to check that it hasn't been tampered with, and again for the whole message, to verify that Bob has indeed signed the contract with his key.

Note that PGP prepends '- ' (dash space) to lines that begin with dashes. This affects the PGP control lines, e.g.

- -----BEGIN PGP SIGNED MESSAGE-----

This will modify other lines that begin with dashes in the plaintext, too. Alice must remove all of these dash spaces when she verifies her original message as it appears in Bob's signed message, otherwise the verification will fail.
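
The dash-space removal described above can be scripted. The following is an added example, not part of the original wiki page: a shell function that pulls Alice's original clearsigned message out of Bob's countersigned one, removing exactly one level of '- ' so that dash lines in Alice's own plaintext stay escaped as her signature expects. The function names and the sample text are hypothetical, and the signature bodies are placeholders, so the sample itself will not verify.

```shell
#!/bin/sh
# Added example: helper and sample names are hypothetical, sample text is constructed.

# extract_inner: read the countersigned message on stdin and print the inner
# clearsigned message with exactly one level of "- " dash-escaping removed.
extract_inner() {
  awk '
    { sub(/\r$/, "") }                               # tolerate CRLF from mail clients
    state == 3 { next }                              # already past the part we want
    state == 0 { if ($0 == "-----BEGIN PGP SIGNED MESSAGE-----") state = 1; next }
    state == 1 { if ($0 == "") state = 2; next }     # skip outer "Hash:" armor headers
    $0 == "-----BEGIN PGP SIGNATURE-----" { state = 3; next }  # outer signature begins
    { sub(/^- /, "") }                               # undo one escape level only
    $0 == "-----BEGIN PGP SIGNED MESSAGE-----" { inner = 1 }
    inner { print }
    $0 == "-----END PGP SIGNATURE-----" { state = 3 } # inner message is complete
  '
}

# Constructed sample: the inner plaintext line "- Bob pays first" has been
# escaped twice (once by each signer), so it appears here with three dashes.
sample_countersigned() {
  cat <<'EOF'
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I agree to these terms
- -Bob

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This contract is for the exchange of 20 Bitcoins.
- - - Bob pays first
- -----BEGIN PGP SIGNATURE-----

(constructed placeholder for the inner signature data)
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----

(constructed placeholder for the outer signature data)
-----END PGP SIGNATURE-----
EOF
}

# With a real message: extract_inner < countersigned.txt | gpg --verify
sample_countersigned | extract_inner
```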

Both parties should keep Bob's signed message handy, so they can both attest that the GPG keys in question signed the contract.