We are exploring refactoring an event ticketing platform (ticketbase.com) to work on blockstack. We could use some help thinking through some of the interesting technical challenges of this project.

Q1: All of example apps, from microblogging, graphite (documents), stealthy.im (messaging), allow the user to choose who to share their information with. In order to even interact with these apps, users must have blockstack installed. On ticketbase.com - an event ticketing platform - we’d want some pages (like event pages and venue pages) to be publicly facing. Users (in this case, people looking at an event page for information about the event and deciding if they want to RSVP or buy a ticket) need to view information like dates, times, and number of registrants before they ever create an account or login to a system. I need to understand how the current technical capability of blockstack can enable or limit this sort of interaction.

Q2: The roadmap indicates that blockstack is unable to initiate requests for users to send payments. Anyone here know if that is required for ecommerce solutions to function on blockstack?

Q3: For a ticketing system, selling tickets to users, is there a way to create unique tickets for each blockstack user that would not require them to have their laptop with them to attend an event and verify their ID on site - obviously in lieu of the existence of a blockstack mobile app that may or may not be on the near term roadmap?

Q4: Would a ticket would need to be non-fungible in order to prevent scalpers?

Q5: Is there a way to tie a onename/blockstack id to a traditional ecommerce payment? Possibly with a minimal on chain record creation, but the main transaction happen off chain. Use Case - User of ticketing system wants to pay using fiat currency but have that ticket tied to their blockstack id

GAIA Questions

Q6: What is the upper limit on GAIA Bandwidth?

Q7: Is there a way to store a mix of encrypted and non-encrypted data in GAIA? Use case: if events were stored on blockstack, only identity attestation needs to be encrypted, the event should be publicly available.

Q8: For a registration type system, hypothetically 1000 - 2000 registrants to a conference, would you anticipate any challenges for the conference admin to aggregate the information?

Q9: Are there permission levels built into GAIA?
Example use case:
-Registrants allow access by any conference employee to see their name but not address
-Conference participants grant permission for the organizer of boston event to see their information, but organizers of other cities are not able to view boston particiants
-Registrants leave some information completly unencrypted, like age, but encrypt all their other info.

Hey @shanereiser, let me see if I can answer a few of these for you.

Q1: This is already doable today. The user’s public data can be discovered and crawled. The Blockstack Explorer does this for user profiles, for example. To fetch app-specific public data, please see this example from our technical FAQ

Q2: Blockstack apps are Javascript apps, so you can use any payment processor you want as long as it has a Javascript client. Paypal and Stripe both work, for example.

Q3: Creating and storing unique tickets can already be done: ticketbase would create a signed ticket for the user, and the user would store it in their ticketbase Gaia bucket (which can then be loaded via HTTP, per Q2). There’s a mobile SDK on the near-term roadmap.

Q4: My answer to Q3 would prevent scalping, since each user gets an unforgeable, unique ticket paired with their blockstack ID.

Q5: Yes—the approach in Q3 pairs the ticket with the user’s blockstack ID. The ticket data lives off-chain, and the user can have many different tickets for different events.

Q6: As fast as the available bandwidth allows. A Gaia hub is just a POST proxy that allows someone to store data to an underlying storage provider like S3 or Azure. The Gaia hub is not on the GET path, so if the user’s Gaia hub writes data to S3, then the read bandwidth is whatever S3 can provide (which is a lot).

Q7: Yes—the Gaia storage API supports both encrypted and unencrypted data. Please see the blockstack.js docs for details.

Q8: Assuming the user’s ticket is public data (i.e. anyone can read it), then the conference organizer can determine who has tickets by scanning through the set of blockstack IDs, and for each blockstack ID, determining if the user has (1) used ticketbase, (2) has stored a particular ticket (i.e. under a given filename), and (3) has stored a valid, well-formed ticket signed by ticketbase (or the event organizer, depending on what mechanism you use to prevent scalping).

Q9: This is not something the API implements as first-class operations, but it’s straightforward for the app to implement. Before storing the ticket to the user’s Gaia bucket, the app would encrypt it with the conference employees’ public key(s) and the user’s public key so only the user and the employees could read it. Same goes for specific organizers. The ticket data structure your app implements can be composed of encrypted and unencrypted fields.