Registration, Profile & Login Website registration page:
Users sign up with a username, password and profile PIN (2FA to protect sensitive actions inside the market place)
Users log in by entering username, password and solving a captcha
Users can edit their passwords/profile PIN, define a PGP public key
Every user without current orders is allowed to become a vendor
A bitcoin Fee of 100$ is a must which should be drawed from directly from the users balance
If the user has defined a PGP key (required for vendors), he can upgrade his profile by clicking 'become a vendor'
Before he can create listings, he needs to set his GPG Public key
Products & shipping options Multi Vendor Bitcoin Mart product view:
Before creating products, a vendor needs to create at least one shipping option (with name & price)
He creates products (with name, description, price, image, shipping options, ...) that are hidden (only accessible with URL) or displayed immediately in the public listing.
Order lifecycle Multi Vendor Bitcoin Mart order view:
Buyers see all public listings on the frontpage and can sort & filter the products (searchable by 'tags' that can be defined on products)
Buyers can see the rating & feedbacks of vendors on the vendor pages
If a buyer decides to order a product, an unconfirmed order (product, shipping option & amount) is created
Buyer confirms this order by entering the shipping info (which is encrypted with the vendor's PGP public key on the server side), a bitcoin refund address (only used for disputes) and his profile pin
The vendor receives the confirmed order and decides if he's able to fulfill it. No up-front ("finalize early") payments are possible at the moment, we always use full escrow.
The vendor either accepts it (entering a payout address) or declines it (with an additional message), both with entering the profile PIN.
If accepted, a bitcoin multisig transaction for buyer, vendor and admin (2 of 3) is created for the order
The buyer now pays the required funds on the multisig address. The website automatically picks up the payments and sets the order to 'paid'
The vendor now ships the goods and marks the order as 'shipped' by (off-line) signing the multisig transaction with its private key. He adds the partially signed transaction to the order. The shipping info is wiped at this moment.
The buyer receives the goods and marks the order as 'received' by (offline) signing the (partially signed) transaction. It is now a valid signed transaction which the buyer broadcasts to the bitcoin network. The website automatically picks up the transaction and releases the funds to the vendor.
As soon as the order is paid, one of the parties can raise a dispute that an admin has to resolve (see Admin interface)
Rating & Wiping:
After an order is completed, the buyer has the possibility to rate the vendor (1-5) and leave an optional comment (buyer rating is not implemented)
14 days after completion of the order, the order can be deleted.
Admin accounts can be set in the command promt (there should be a "admins rank" that the owner can set)
Admins can later set "Moderator" on users accounts (its a less powerfull rank, Moderator should not be able to alter other ranks. they should only be able to view/edit disputes)
Admins should be able to ban accounts and also set warnings on accounts (example: admin/moderators can set a "scammer" sign with a following message like "scammer: vendor tried to recive payment outside of *website namne*, this should be edited by the admin or mod)
Admins see the open disputes (that either buyer or vendor has raised during the order lifecycle) and solve them by
..discussing the dispute by leaving messages (same as buyer/vendor can)
..crafting a new transaction that pays a certain amount to buyer & vendor
The site should be built in php7 and anonymous.
This marketplace will be used on the TOR Network, have that in mind when bidding.