I'd like to trade securely as much as the next guy. Obviously Mtgox has had some problems, and there's no bit of certainty any such clusterfuck won't happen to one of the now booming newcomers like tradehill.

Let users make a choice

If, as a user, you had some kind of certification/rating for a trading website, you could at least make some kind of informed decision.

Security audits by a community of whitehats

The idea is essentially simple. There could be a number of ratings (like bronce, silver, gold etc.) or grades or what have you. They're assigned to websites according to a security auditing process performed by whitehat security experts.

Part of the audit is looking at the site from the outside, and rating that. Another part is looking at the system setup from the inside. Certain ratings (like say gold) will only be available to sites who cooperate fully with the auditing.

How to get people to do the auditing work?

Simple: if a trading website wants to get a (prestigious) rating, they'll have to pay for the audit.

Audits will have to be performed regularly to be retained. The community performing the audits should be composed of people that the bitcoin community trusts. The documentation about the rating should be open and transparent. And the auditing above all needs to be impartial, which requires leadership of the auditing company that is well trusted and of unquestionable ethical character.

So what do you think? Yay or nay?