[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Privacy-friendly auditing



Tony Hamilton:
> It is nearly impossible to acquire statistics
> on the %ROI and %STDEV on individual investment strategies. This can be
> for a number of reasons. Some people, such as yourself, are not willing
> do publicly divulge specifics. More often, in all likelihood, those figures
> divulged are inaccurate or biased in some way.

Sounds like another use for the hypothetical Auditing Protocol recently 
mentioned on the cypherpunks list.  The problem is to figure out a way to 
audit the accounts of a bank, to determine if there are sufficient reserves,
without divulging information on the accounts
therein, or having to trust an outside auditing agency with the
accounts' privacy.  If such a protocol could be discovered it might 
also apply to this problem (or vice versa), how to audit the returns 
of an investment fund or strategy, without revealing information on 
the participants in such a fund, or revealing the specific strategy.  
One approach might be to express the strategy as a unique string which
hashes to a unique digital signature, which can then be published
along with the returns.   

Has anybody thought of a more formal way to express this
problem?  Ways to audit a bank without divulging customer
privacy were also discussed at that July Bay Area
cypherpunks meeting, and I'll bring up the question again this
Saturday.

>[figures from govn't & schools relatively unbiased]

Governments are quite biased by political concerns, eg the desire
to raise taxes and spending, to make themselves look good for
elections, etc.  Schools have to worry about their government
and corporate sponsors, and both worry about political 
popularity & correctness, which is hardly unbiased.  For
example the Luddite reaction against program trading after the '87 
crash, the reaction against corporate takeovers by "uppity Jews"
like Milken in the 80s, etc. along with the biased statistics
used to make cases for arguments against "junk" bonds, program
trading, etc.  Most importantly, these government and university
people have no incentive to get it right, while S&P et. al.
make their business on their reputation of getting it right.
If it was discovered somebody was bribing S&P to cook the
books you could be sure their competitors would make a Big Deal
about it.  In cases where there is no long-standing reputation
on the line (and no trustworthy auditors, whether agencies or
algorithms) I join you in being dubious about investment
claims.

Nick Szabo				[email protected]