212920 (3) [Avatar] Offline
#1
Hi,

refer to page 134
------------------------

Para 1)
Since the company has grown and some people don’t know Lisa very well, trust in her begins to fade. Some people fear that Lisa will steal CT from them in the spreadsheet.

Para 2)
Only Lisa can verify signatures, so she could increase the "Amount CT" column of a payment to her or add a row with a false payment from, say John, to Lisa.

Para 3)
No one could prove Lisa has committed fraud. It doesn’t matter that Lisa is the most trustworthy human on earth. If people don’t know that, they are going to assume that Lisa is as greedy as everyone else

===========
Since the Transaction will be digitally signed, which Lisa need to verify. Then How come when she increases the "Amount CT" column from John, to Lisa, "No one could prove Lisa has committed Fraud" ? .. Technically the signature wouldn't match right?

Bit confused here..
Kalle Rosenbaum (20) [Avatar] Offline
#2
Hi!

212920 wrote:
Since the Transaction will be digitally signed, which Lisa need to verify. Then How come when she increases the "Amount CT" column from John, to Lisa, "No one could prove Lisa has committed Fraud" ? .. Technically the signature wouldn't match right?

Bit confused here..


Thank your for your comment. In this section, "Problems", we are talking about the problems with the cookie token spreadsheet *before* we start using transactions. Transactions will solve those problems later in this chapter. This should probably be made more clear in the book. Thanks.

No one but Lisa has access to the digital signatures, because they sit in her mailbox. No one else can verify them, so no one but Lisa can prove that Lisa has changed the spreadsheet.

To elaborate a bit more: The payers might still have access to their old emails containing the signed payments. John can show his email to Lisa to the world and say: "Look, I didn't sign the payment of 30 CT to Lisa as it says in the spreadsheet! That payment to Lisa was for 10 CT. Here's my signed message to Lisa that proves it!"

That doesn't work, because from an outsider's perspective, John could be a liar and show a newly signed message and hide the actual 30 CT message that he sent to Lisa.

Maybe I should add something like this? What do you think?

Did I answer your question?

Thank you very much for buying the MEAP!
/Kalle
212920 (3) [Avatar] Offline
#3
Kalle Rosenbaum wrote:Hi!

212920 wrote:
Since the Transaction will be digitally signed, which Lisa need to verify. Then How come when she increases the "Amount CT" column from John, to Lisa, "No one could prove Lisa has committed Fraud" ? .. Technically the signature wouldn't match right?

Bit confused here..


Thank your for your comment. In this section, "Problems", we are talking about the problems with the cookie token spreadsheet *before* we start using transactions. Transactions will solve those problems later in this chapter. This should probably be made more clear in the book. Thanks.

No one but Lisa has access to the digital signatures, because they sit in her mailbox. No one else can verify them, so no one but Lisa can prove that Lisa has changed the spreadsheet.

To elaborate a bit more: The payers might still have access to their old emails containing the signed payments. John can show his email to Lisa to the world and say: "Look, I didn't sign the payment of 30 CT to Lisa as it says in the spreadsheet! That payment to Lisa was for 10 CT. Here's my signed message to Lisa that proves it!"

That doesn't work, because from an outsider's perspective, John could be a liar and show a newly signed message and hide the actual 30 CT message that he sent to Lisa.

Maybe I should add something like this? What do you think?

Did I answer your question?

Thank you very much for buying the MEAP!
/Kalle


Thanks Kalle, the elaboration clears the confusion..
Suggest you add something like this in the Book, it makes it easy to see that Lisa could now be "Single point of Trust" and hence this needs to be resolved in subsequent chapters.