It is possible to create a small transaction output as an anchor for each auction: Interested parties would then be able to place their bids by signing a transaction that uses both their bid and the anchor as inputs.
When the time-frame of the auction ends, the auctioneer can countersign the transaction with the highest bid, and since the anchor can only be spent once, all other bids are automatically invalidated.
The transactions would have to be posted through the auction's portal, as they wouldn't be relayed by the network without being signed completely. After they were posted though, everybody could verify that they are valid and the bidder actually has the funds.
One problem is though, that bidders could retract their bid, by doublespending the output used for the bid. This wouldn't be so much a problem if only people bid that actually want to win the auction, but would be a very easy way for the seller to push the price up.
In the end, the auctioneer could just sign the next highest bid then though.
The retracting of bids could be monitored by the auction platform, requiring registration.
This is exactly the kind of detailed answer I was looking for! Very clever. Can you explain the anchor output in a little more detail? How can every payment spend the anchor output (when I would think every payment is from a different address)? I think it would be most clear if that part was included in the steps, instead of being an after-note. – B T – 2014-09-30T07:22:23.467
Also, I think you should mention nLockTime, which it seems is critical to this protocol. – B T – 2014-09-30T07:23:21.857
@BT I have already mentioned lock time. A transaction can spend from any (unspent) outputs, as long as appropriate signatures (or whatever else is required by output scripts) are provided. It doesn't matter whether these outputs are to the same address or not (or even to some custom script). I think the protocol is complicated enough without the anchor output, so it makes sense for the reader to comprehend the simplified version before the complete one. – abacabadabacaba – 2014-09-30T07:54:09.440
Ah I think I see. So you're saying a bidder can create a transaction with two inputs: the bid coming from an address the bidder owns, and the anchor coming from an address the auctioneer owns. For that transaction to succeed, both bidder and auctioneer have to sign it. And as long as the transaction hasn't been given to the network, the same anchor can be used for all the bids, ensuring that only one will successfully be spent. Is that right? – B T – 2014-09-30T19:33:25.857
1@BT The payment transaction would have two inputs: one spending deposit, which requires signatures both from the bidder and from the auctioneer, and one spending the anchor output, which requires a signature from the auctioneer only. So, two inputs and three signatures in total. The auctioneer would sign only one of the transactions, and the network won't accept more than one because they spend the same output. – abacabadabacaba – 2014-10-01T04:24:35.373