SamPatt/SamPattSig

## SamPattSig
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Migration of our project funds to a multisig address.
=====================================================

We, the undersigned core developers of OpenBazaar, have decided with consensus
on the following on November 4th, 2014:

Because of the facts that:

(1) Developers can be malicious

Our threat model involves powerful agents at play. These can include malicious
governments who have the ability to issue secret warrants legally requiring
developers to take certain actions. We therefore follow a trust-but-verify
model in all our development process. As such, certain developers of the
project may in the future be legally required to perform actions that they do
not agree with, without the ability to communicate this fact to others. Through
multisig, we are requiring at least one more developer to perform a check on
financial decisions as a safety-net.

(2) Mistakes happen

We are human and often make mistakes. This can include lost wallet keys,
or destroyed laptops. Multisig will allow us to migrate our funds in case one
developer loses their keys.

We also sometimes make transactions that may be incorrect. A second pair of
eyes is good to make sure we don't burn our funds or we don't send them to the
wrong third party.

(3) Developers can become unavailable

Developers may become unavailable for various reasons such as accident or
death. We do not want to depend on one individual for all our funds. In case of
unavailability, multisig allows us to move our funds to a new address.

(4) Dictatorship is evil

We take team decisions with consensus. However, sometimes consensus cannot be
reached. We have never had this problem in our team yet, but it is bound to
happen in the future. In cases where consensus cannot be reached, an individual
developer should not have the power to act solely as a dictator and enforce
their opinion. Multisig requires at least one more party to consent. This acts
as a safety net.

(5) Transparency is good

We believe in a transparent development model. All our code is open source. We
interact with the community through public chat on IRC, on a public subreddit,
and in forums, all viewable by anyone. We plan features and submit bug reports
through GitHub issues, which are public. Anyone is able to criticize us through
these channels directly, even pseudonymously.

As of Beta 3, we are also making all all-hands developer video calls publicly
available through live streaming, and they are recorded for future reference.
We wish to be held accountable for our actions, and we invite the criticism of
the community.

In this direction, as we are funded through donations, we believe the public
should know exactly how much money we have and where and when exactly it is
spent. By publishing our multisig address, we submit our financial records to
public scrutiny.

Now, therefore, we are announcing the following:

(1) Ownership of public keys

Each of us controls one of the following public bitcoin keys. We are
providing bitcoin signatures as proof that we are in control of each.


Brian Hoffman:

*Address*: 12khSGHCvJoB7d5evWykvgeJVdYtSgAaxo
*Uncompressed Pubkey*:
04b3fae54a761c71d38df081cddb75b6306306d8e83338e9b748a02d4978ef48d356ec7fb4155bc819767ed90d56a0dccab185b9bf3d52027cdc226b611ddd3985
*Message*: This is Brian and I own 12khSGHCvJoB7d5evWykvgeJVdYtSgAaxo
*Signature*:
IHb6uWPR1mGxl85YDfPN1trD6ybLeeH0FotTWrUr2W+lcDLiM5iXompDaMJxFg3MwFQpto5cInFrPyooFw+/60I=

Sam Patterson:

*Address*: 19xZbcnF9HB3ycfFJmQS5Gr7eJ7riJKrWc
*Uncompressed Pubkey*:
047AA4C9652BEB1A01B351CC212391168C11E192E25A88AF79A422C4F83CBC7ED0BB5632C87547C45525167A8C814AFC29C7FFE44157547DC21B193AC714B4BA06
*Message*: This is Sam. I own 19xZbcnF9HB3ycfFJmQS5Gr7eJ7riJKrWc and will use
it for the OpenBazaar multisignature fund.
*Signature*:
IIKNFBcUu9OQ/L+bv/liAMMPBJHC70Y9bpzUsscW7C3FloC7uw5QH1UJUdN1AR50kuIAikB9mZkvZKcTGvDzDYk=


Washington Sanchez:

*Address:* 19fQbq6egzREyDSt8R1zGPAFoR1THWSV4g
*Uncompressed Pubic Key:*
0420b86afc794ec3307bcf3becc94b30f672a17483581dd703a37956f60ba89cf77bc349fe7d9889f7ed609b14bc397fc4ae0196c8325e6acc4d2e95aceca4d207
*Message:* This is Washington, confirming that I own this address.
*Signature:*
Gx9lga0zuYcJk8dhXq3Wb0Nsy5tXohJusUoIw7pm9ZytrGC6wD8zfwS4K4f+sRqdWE2s9kyv9Wd5q0Fl//HY1AE=


Dionysis Zindros:

*Address:* 1HA6tFUGQrzrwGDDVp9dHivNRyhuT37dCh
*Uncompressed Public Key:*
046ca17a66be50dc0d0093d3ebbefb74ffbd69fae577dfa329f67444f3f99913708efa5f51ca27fd0509af26245c9d5526b620cb9d90ca9a4a0ef2e3e2fe0e2bb8
*Message:* This is Dionysis Zindros, confirming that I own this address.
*Signature:*
HI9Bc8o/pyKmowG9cRL47Zt4ylYIJOxQnvSB4AF7FaNCHVz+hA6jowsDppAIKwLX9FMrxBqiGnhgpc/68G2t+uM=

We invite the public to verify our signatures above.

(2) Multisig address migration

We are designating the following 2-of-4 multisig address for the storage of
OpenBazaar funds:

3MXYUBLWNETa5HTewZp1xMTt7AW9kbFNqs

The address is constructed with the above 4 public keys. We invite the public
to check that the multisig address is a 2-of-4 address and that it is
constructed using the above 4 public keys. For verification purposes, the
bitcoin script is given below:

524104b3fae54a761c71d38df081cddb75b6306306d8e83338e9b748a02d4978ef48d356ec7fb4155bc819767ed90d56a0dccab185b9bf3d52027cdc226b611ddd398541047aa4c9652beb1a01b351cc212391168c11e192e25a88af79a422c4f83cbc7ed0bb5632c87547c45525167a8c814afc29c7ffe44157547dc21b193ac714b4ba06410420b86afc794ec3307bcf3becc94b30f672a17483581dd703a37956f60ba89cf77bc349fe7d9889f7ed609b14bc397fc4ae0196c8325e6acc4d2e95aceca4d20741046ca17a66be50dc0d0093d3ebbefb74ffbd69fae577dfa329f67444f3f99913708efa5f51ca27fd0509af26245c9d5526b620cb9d90ca9a4a0ef2e3e2fe0e2bb854ae

(3) Mandatory transparency

We have transfered all our funds to the multisig address and published it
to be used for donations. While we still have access to our old donations
address for donations coming from people who have stored it, we will be
using the new address for all donation purposes from now on. Any funds
donated to the old address will be immediately transfered to the multisig
address.

We will make all our organizational payments directly from our multisig
address. We vow to publish the following information for every transaction
originating from our project multisig address from now on:

 * The recipient bitcoin address
 * The date of the transaction
 * The recipient actual name or company name
 * The reason for the expenses

In case of conversion to fiat currency, we will state the above data for the
recipient of the converted fiat currency.

We invite the public to verify our GPG signatures on the above announcement.

Brian Hofmann, Project Lead
Sam Patterson, Operations Lead
Washington Sanchez, Research Lead
Dionysis Zindros, Trust & Identity Developer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBCAAGBQJUWod5AAoJEIjRSgb/sqCOV9oH/Aj+HC+rtYtRPgUEMnRKgyKA
YtELWC9qQwBF3aydJPgi34RRB4XkQyBjDjKelUiko/VgtXelPS/lu0iZL9yUu0eO
UlnbDaXx76DBLAA6kUNk7wxocjujeVof7Yj0D2Ak+poKG2cCdZfzMgMi7S6cHt4x
7K6AzXqg/9scS6in1MJYZEiVFLshPBfrGRGPSn3Q9Rov1EpTJwshY4h9jmDtNkom
35QZfgrP4IXlPZVAPO5ttW1hPd/HiDBMbQVitwtiAK9DF/LamIl864fayKNczD/B
68Aq6y8DHCS3cjrs+MpeIdu63F5Qpd43FthEXZ24PzV49dwHSoeJzwqMt4fFLus=
=DNNU
-----END PGP SIGNATURE-----
	-----BEGIN PGP SIGNED MESSAGE-----
	Hash: SHA256

	Migration of our project funds to a multisig address.
	=====================================================

	We, the undersigned core developers of OpenBazaar, have decided with consensus
	on the following on November 4th, 2014:

	Because of the facts that:

	(1) Developers can be malicious

	Our threat model involves powerful agents at play. These can include malicious
	governments who have the ability to issue secret warrants legally requiring
	developers to take certain actions. We therefore follow a trust-but-verify
	model in all our development process. As such, certain developers of the
	project may in the future be legally required to perform actions that they do
	not agree with, without the ability to communicate this fact to others. Through
	multisig, we are requiring at least one more developer to perform a check on
	financial decisions as a safety-net.

	(2) Mistakes happen

	We are human and often make mistakes. This can include lost wallet keys,
	or destroyed laptops. Multisig will allow us to migrate our funds in case one
	developer loses their keys.

	We also sometimes make transactions that may be incorrect. A second pair of
	eyes is good to make sure we don't burn our funds or we don't send them to the
	wrong third party.

	(3) Developers can become unavailable

	Developers may become unavailable for various reasons such as accident or
	death. We do not want to depend on one individual for all our funds. In case of
	unavailability, multisig allows us to move our funds to a new address.

	(4) Dictatorship is evil

	We take team decisions with consensus. However, sometimes consensus cannot be
	reached. We have never had this problem in our team yet, but it is bound to
	happen in the future. In cases where consensus cannot be reached, an individual
	developer should not have the power to act solely as a dictator and enforce
	their opinion. Multisig requires at least one more party to consent. This acts
	as a safety net.

	(5) Transparency is good

	We believe in a transparent development model. All our code is open source. We
	interact with the community through public chat on IRC, on a public subreddit,
	and in forums, all viewable by anyone. We plan features and submit bug reports
	through GitHub issues, which are public. Anyone is able to criticize us through
	these channels directly, even pseudonymously.

	As of Beta 3, we are also making all all-hands developer video calls publicly
	available through live streaming, and they are recorded for future reference.
	We wish to be held accountable for our actions, and we invite the criticism of
	the community.

	In this direction, as we are funded through donations, we believe the public
	should know exactly how much money we have and where and when exactly it is
	spent. By publishing our multisig address, we submit our financial records to
	public scrutiny.

	Now, therefore, we are announcing the following:

	(1) Ownership of public keys

	Each of us controls one of the following public bitcoin keys. We are
	providing bitcoin signatures as proof that we are in control of each.


	Brian Hoffman:

	Address: 12khSGHCvJoB7d5evWykvgeJVdYtSgAaxo
	Uncompressed Pubkey:
	04b3fae54a761c71d38df081cddb75b6306306d8e83338e9b748a02d4978ef48d356ec7fb4155bc819767ed90d56a0dccab185b9bf3d52027cdc226b611ddd3985
	Message: This is Brian and I own 12khSGHCvJoB7d5evWykvgeJVdYtSgAaxo
	Signature:
	IHb6uWPR1mGxl85YDfPN1trD6ybLeeH0FotTWrUr2W+lcDLiM5iXompDaMJxFg3MwFQpto5cInFrPyooFw+/60I=

	Sam Patterson:

	Address: 19xZbcnF9HB3ycfFJmQS5Gr7eJ7riJKrWc
	Uncompressed Pubkey:
	047AA4C9652BEB1A01B351CC212391168C11E192E25A88AF79A422C4F83CBC7ED0BB5632C87547C45525167A8C814AFC29C7FFE44157547DC21B193AC714B4BA06
	Message: This is Sam. I own 19xZbcnF9HB3ycfFJmQS5Gr7eJ7riJKrWc and will use
	it for the OpenBazaar multisignature fund.
	Signature:
	IIKNFBcUu9OQ/L+bv/liAMMPBJHC70Y9bpzUsscW7C3FloC7uw5QH1UJUdN1AR50kuIAikB9mZkvZKcTGvDzDYk=


	Washington Sanchez:

	Address: 19fQbq6egzREyDSt8R1zGPAFoR1THWSV4g
	Uncompressed Pubic Key:
	0420b86afc794ec3307bcf3becc94b30f672a17483581dd703a37956f60ba89cf77bc349fe7d9889f7ed609b14bc397fc4ae0196c8325e6acc4d2e95aceca4d207
	Message: This is Washington, confirming that I own this address.
	Signature:
	Gx9lga0zuYcJk8dhXq3Wb0Nsy5tXohJusUoIw7pm9ZytrGC6wD8zfwS4K4f+sRqdWE2s9kyv9Wd5q0Fl//HY1AE=


	Dionysis Zindros:

	Address: 1HA6tFUGQrzrwGDDVp9dHivNRyhuT37dCh
	Uncompressed Public Key:
	046ca17a66be50dc0d0093d3ebbefb74ffbd69fae577dfa329f67444f3f99913708efa5f51ca27fd0509af26245c9d5526b620cb9d90ca9a4a0ef2e3e2fe0e2bb8
	Message: This is Dionysis Zindros, confirming that I own this address.
	Signature:
	HI9Bc8o/pyKmowG9cRL47Zt4ylYIJOxQnvSB4AF7FaNCHVz+hA6jowsDppAIKwLX9FMrxBqiGnhgpc/68G2t+uM=

	We invite the public to verify our signatures above.

	(2) Multisig address migration

	We are designating the following 2-of-4 multisig address for the storage of
	OpenBazaar funds:

	3MXYUBLWNETa5HTewZp1xMTt7AW9kbFNqs

	The address is constructed with the above 4 public keys. We invite the public
	to check that the multisig address is a 2-of-4 address and that it is
	constructed using the above 4 public keys. For verification purposes, the
	bitcoin script is given below:

	524104b3fae54a761c71d38df081cddb75b6306306d8e83338e9b748a02d4978ef48d356ec7fb4155bc819767ed90d56a0dccab185b9bf3d52027cdc226b611ddd398541047aa4c9652beb1a01b351cc212391168c11e192e25a88af79a422c4f83cbc7ed0bb5632c87547c45525167a8c814afc29c7ffe44157547dc21b193ac714b4ba06410420b86afc794ec3307bcf3becc94b30f672a17483581dd703a37956f60ba89cf77bc349fe7d9889f7ed609b14bc397fc4ae0196c8325e6acc4d2e95aceca4d20741046ca17a66be50dc0d0093d3ebbefb74ffbd69fae577dfa329f67444f3f99913708efa5f51ca27fd0509af26245c9d5526b620cb9d90ca9a4a0ef2e3e2fe0e2bb854ae

	(3) Mandatory transparency

	We have transfered all our funds to the multisig address and published it
	to be used for donations. While we still have access to our old donations
	address for donations coming from people who have stored it, we will be
	using the new address for all donation purposes from now on. Any funds
	donated to the old address will be immediately transfered to the multisig
	address.

	We will make all our organizational payments directly from our multisig
	address. We vow to publish the following information for every transaction
	originating from our project multisig address from now on:

	* The recipient bitcoin address
	* The date of the transaction
	* The recipient actual name or company name
	* The reason for the expenses

	In case of conversion to fiat currency, we will state the above data for the
	recipient of the converted fiat currency.

	We invite the public to verify our GPG signatures on the above announcement.

	Brian Hofmann, Project Lead
	Sam Patterson, Operations Lead
	Washington Sanchez, Research Lead
	Dionysis Zindros, Trust & Identity Developer
	-----BEGIN PGP SIGNATURE-----
	Version: GnuPG v1.4.11 (GNU/Linux)

	iQEcBAEBCAAGBQJUWod5AAoJEIjRSgb/sqCOV9oH/Aj+HC+rtYtRPgUEMnRKgyKA
	YtELWC9qQwBF3aydJPgi34RRB4XkQyBjDjKelUiko/VgtXelPS/lu0iZL9yUu0eO
	UlnbDaXx76DBLAA6kUNk7wxocjujeVof7Yj0D2Ak+poKG2cCdZfzMgMi7S6cHt4x
	7K6AzXqg/9scS6in1MJYZEiVFLshPBfrGRGPSn3Q9Rov1EpTJwshY4h9jmDtNkom
	35QZfgrP4IXlPZVAPO5ttW1hPd/HiDBMbQVitwtiAK9DF/LamIl864fayKNczD/B
	68Aq6y8DHCS3cjrs+MpeIdu63F5Qpd43FthEXZ24PzV49dwHSoeJzwqMt4fFLus=
	=DNNU
	-----END PGP SIGNATURE-----