Sandi: A System for Accountability and Applications in Direct Communication (Extended Abstract)

Reputation systems guide our decision making both in life and work: which restaurant to eat at, which vendor to buy from, which software dependencies to use, and who or what to trust. These systems are often based on old ideas and are failing in the face of modern threats. Fraudsters have found ways to manipulate them, undermining their integrity and utility. Generative AI adds to the problem by enabling the creation of real-looking fake narratives at scale, creating a false sense of consensus. Meanwhile, the need for reliable reputation concepts is more important than ever, as wrong decisions lead to increasingly severe outcomes: wasted time, poor service, and a feeling of injustice at best, fraud, identity theft, and ransomware at worst. In this extended abstract we introduce Sandi, a new kind of reputation system with a single well-defined purpose: to create trust through accountability in one-to-one transactions. Examples of such transactions include sending an email or making a purchase online. Sandi has strong security and privacy properties that make it suitable for use also in sensitive contexts. Furthermore, Sandi can guarantee reputation integrity and transparency for its registered users. As a primary application, we envision how Sandi could counter fraud and abuse in direct communication. Concretely, message senders request a cryptographic tag from Sandi that they send along with their message. If the receiver finds the message inappropriate, they can report the sender using this tag. Notably, only senders need registered accounts and do not need to manage long-term keys. The design of Sandi ensures compatibility with any communication system that allows for small binary data transmission.