You refuse to service the serial number and blacklist it. Maybe you allow folks to send them in for inspection/authentication and re/serializing if they think it’s legit. With even say 3 serialized parts at 6#s you have 10^18 possible combos. That’s probably not enough to secure a non rate limited system but if you charge 1$ check you will be fine as long as the database isn’t compromised. My understanding of cryptography is limited but it may be possible to encrypt the entries as well such that even compromise database keys can’t be guessed. Rolex is the DMV of Rolexes. If they don’t like your serial number they can cancel you at any time and that’s it short of suing them. Thats why if there is ever any doubt they can simply refuse to authenticate or force you to send the watch in for authentication. Moreover they can work with insurance companies and provide an authentication service that allows fake watches to be canceled for insurability as well if they wanted that. Though I think in general insuring fake Rolexes is probably pretty profitable and not paying out on fakes might not be worthwhile. I’m not skeptical of the trade, there is after all a trade in Nike shoes and they are worth significantly less but it’s more that I wonder how much premium they loose on the black market due to lack of traceability. Without a very skilled authentication it’s hard to validate you get the real thing and markets tend to discount accordingly. Even the real thing if it’s possibly blacklisted by the vendor without a good way to verify would get discounted. So you should end up getting prices for the real thing that are close to that off high quality knock offs. People in the 3rd world but stolen cars all the time for example but I suspect they are quite a bit cheaper then the legit ones or at least efforts are made to launder them.
Here is why your ideas don't work I buy a Rolex. I drop it. It stops running. I take it to my local watch battery place. They take it in, say they'll take a look at it. They call me back an hour later, say "sorry we can't service Rolexes" and now I have to take it to Rolex. Meanwhile they've photographed the shit out of it and sold the serial numbers to a shop in Shenzen. A month later my legit serial number is on 900 counterfeit watches, a dozen of which are seized. Rolex is notified and blackballs my serial number. Now - maybe I get my watch out of there before Rolex decides its counterfeit and I get blackballed next time. Or maybe Rolex decided they sold me a fake Rolex and either refuse to work on my Rolex or confiscate it. Either way, I'm a legit customer paying legit money for a Rolex and you just called me a criminal. This will not end well for you. So okay. You put three serial numbers on the thing to get "10^18 possible combos." Great. My shady shop either copies all of them, or one of them stays secret so that the only way you can tell a counterfeit Rolex is by dismantling it all the way. All right, though, you've got a magical mystical database, the tech nerd's solution to never touching that shitty Bitcoin bullshit. Every authorized Rolex repair shop has to have access to it, and there needs to be a process whereby they can influence it - if they find a fake Rolex and the serial number comes up real, there needs to be a process whereby a field-reported serial gets disavowed. These are trade school grads at best, BTW, many of whom are in their 60s, and you've decided you need them to keep a computer around, learn a system and also be responsible for pissing off their best customers. So we've got a disavowed serial number but the watch is being serviced by a savvy center that knows it's legit - they unpeel down to your mystical third serial number or some shit. THAT watch is legit. It needs to be marked in the system. Do we give the owner a new serial number? And what happens when your counterfeit ring gets access to your database? 'cuz they're gonna get access to your database. And what happens when the write keys get hacked/leaked? Swiss banking security largely functioned through SneakerNet and we've got the most recognizable brand in the world with a dealer network nearly 2000 strong and they are fallible. Here's what works You've got a watch. It's got a serial number. That serial number is tied to an NFT on a blockchain. When you buy that watch you get set up with a passcode - maybe it's a password, maybe it's your driver's license, maybe it's your wedding anniversary, whatever. And when you bring it in for service, that passcode combined with that serial number allows you to operate on the blockchain. NOTHING ELSE DOES. And when you sell it, you transfer ownership - via the blockchain - to the new owner, who gets a new passcode, who gets to interact with the blockchain instead of you. - Rolex has to do nothing. - The dealer has to do nothing. - You have to use your digital signature. - And we're done. How much premium does Nike lose on the black market? I don't have to wonder, I know. Thirty to eighty percent. Read that again. Thirty to eighty percent. There isn't much out there that covers the black market. Piketty reported every estimate he could find and the overall black market is estimated to be between 50% and 150% that of the white market. Michel Chivalier reported it at "thirty to eighty percent" depending on the business, the market segment and the year; he did that based on being chairman of Paco Rabanne and then researching and writing four books on the subject. Yes. It is difficult to suss out quality counterfeit goods. So you can either turn your dealer network into a cryptographic Stasi hell or, you know, do what the industry is already doing.
Your method works, it’s more complex than mine but also more flexible. Attaching NFTs to physical goods as a means of authentication is a good idea but It’s not perfect. You can still separate the real Rolex from the NFT and transfer the copy with the fake but at least you only have one instance of a fake out there. Still even with a simple solution like a database there should only be one instance, the only thing the blockchain adds is the ability to have a private key that prevents unauthorized transfers in the database though even that should be possible to add to a database without resorting to blockchain. Ultimately if the database is setup correctly the only difference between Blockchain and database is that trades can occur without an authorized shop to facilitate the exchange and even there a database could be used because the key is really just the same as a password so really we’re talking hacker resistance. Also if you want to be able to fix entries and roll stuff back then Rolex needs a set of private keys on the blockchain. If those are lost the blockchain entries get compromised as well. IMO blockchain is a solution looking for a problem. Almost always when dealing with physical goods it falls back on some single exchange to authenticate the validity of the token and transfer the thing or the license/right. The only place that seems to be a non issue is digital currency where there is nothing to transfer and the value comes from the scarcity of the token itself.
1) Where is the complexity? You've invoked a global surveillance state to prevent forgery. It has no solutions to dealing with forgery once discovered. It requires, in a nutshell, a DMV... and the reason we don't have DMVs for anything without tires and license plates is because if DMVs could be any simpler, they would be. Fundamentally, the DMV is the interface between "your car" and "your government" and blockchain eliminates any need for a government. 2) What's the hang-up on databases? You're like the fifth fucking person who somehow thinks that a .csv or mongo.db somewhere has any sort of advantage of any kind anywhere ever. Do you guys think we just invented databases or some shit? Do you realize that databases are older than wristwatches? Do you guys honestly believe that an entire industry has been somehow oblivious to technology going back to the Jacquard loom and should somehow go "oh yeah totally our business would somehow be so much more streamlined if only we ran on MS Access?" 3) How can I make the fundamental baked-in advantage of a ledger any clearer? You don't need to edit SHIT. You just need to write it the fuck down and then control who can read and who can write. Read: the stakeholders (purchasers, sellers and servicers of watches). Write: the seller. Indelibly. Eternally. YES. The key is "really just the same as a password." NO. The password on a blockchain is absolutely fucking nothing like the password on a database. For one, with a database there's a bunch of passwords somewhere. Sure. Salt 'em. Sure. Hide 'em. Sony will still store them in plaintext, Experian will put them somewhere they can be snuck out the back door, everyone will leak them. With a blockchain? I know my password, and to everyone else it is unknowable. YES: if Rolex loses their keys the whole system gets funky. So... don't lose your keys, Rolex. 4) How can you not get this is a very real problem with a very real solution that is in the process of adoption? I'ma blow your mind. Got a Patek Philippe? Got a Vacheron? Got a Jaeger LeCoultre? For anywhere between $250 and $500, you can write to those companies with your serial number and get the full service and sales history of your watch. See, the high-end companies have been keeping track of this shit from the jump. Fuckin' Vacheron Constantin can look your shit up back to the French & Indian Wars. Here's the catch: they assess that performing this service for you should cost about as much as buying a Shinola. Which might have something to do with them putting it on the blockchain in 2019. Look. Your opinion is crystal clear. But I'm running out of ways to point out that it's uninformed.
From the first sentence of https://ethereum.org/en/developers/docs/intro-to-ethereum/ "A blockchain is a public database that is updated and shared across many computers in a network." it's really a very reasonable comparison. Both are cool and im interested in them and like them for what they are, but I think it's wrong to say that traditional databases don't have any advantage of any kind. For a blockchain to have any extra security you need a bunch of different nodes controlled by independent parties running the software which means it's necessarily less efficient, and you need some sort of incentive system to keep them wanting to run the thing which is necessarily more expensive. If you're not able to trust any one entity to keep the database running, being trustless is Huge, but for this situation I still don't see how it's different from a Mongo DB that has the same behavior as the blockchain - ie. the only operations are new serial numbers being added and transfers to and between owners. The only additional failure case that the blockchain fixes is that someone gets access to the Mongo db's password or the server that it's running on and changes things there. No trade school grads or front line workers need to have any privileges.