Reputation & username system - alternative to proof of burn

[Agent86]

I don't see the current TITAN username system as a raging success:
-There have been a lot of spoof accounts created
-A number of people have been hurt by mistakenly sending funds to an incorrect name
-New user confusion with the "chicken and egg" name registration deal
-Issues with scanning the blockchain, missing info etc.
-Greater barriers and less focus on: Cold storage, offline transaction signing and watch only wallets.
   (I think these things are very important and there should be more effort in this regard)

...Regarding your last two points, again this has nothing to do with your proposal, but I do agree that they are important issues to solve...

Yes, of the issues I mentioned, I'm really only trying to solve #1 & #2 with my proposal.

The other issues I'm pointing out wouldn't be such issues if we considered TITAN an advanced feature instead of the only way to use the system.

[tonyk]

I don't see the current TITAN username system as a raging success:
-There have been a lot of spoof accounts created
-A number of people have been hurt by mistakenly sending funds to an incorrect name
-New user confusion with the "chicken and egg" name registration deal
-Issues with scanning the blockchain, missing info etc.
-Greater barriers and less focus on: Cold storage, offline transaction signing and watch only wallets.
   (I think these things are very important and there should be more effort in this regard)

So this whole deal is solving 'problems' creating by TITAN
How about reversing back to not using named accounts.

And NO I do not think 'scanning the blockchain' issues have anything to do with naming accounts, directly.

[gamey]

In my opinion, if you are running a business you should not use account names as your public facing identity but rather your .p2p name. A BIP 70-like payment protocol can allow customers to know they are sending their money to the right place (they will be able to verify the .p2p domain name in their payment confirmation).

I am not familiar with bip70 enough to comment, but I think there definitely is a point to be made to not use a registered account.  It seems so useful at first, but then you realize the added effort of registering the spoof names or potential losses.  Not even considering this thread's proposal, maybe Bitshares dev's should change around best practices for businesses to not use named accounts.  Names help with offline transactions I suppose, but usually addresses are just a cutnpaste away.  It is people trying to rely on their memory that screws things up and allows spoofers to gain from misdirected transactions.

[arhag]

I don't see the current TITAN username system as a raging success:
-There have been a lot of spoof accounts created
-A number of people have been hurt by mistakenly sending funds to an incorrect name
-New user confusion with the "chicken and egg" name registration deal
-Issues with scanning the blockchain, missing info etc.
-Greater barriers and less focus on: Cold storage, offline transaction signing and watch only wallets.
   (I think these things are very important and there should be more effort in this regard)

I don't view spoof accounts and people sending their funds to the incorrect name as such huge problems that require the community to kill off "bad" account names (I am not saying I am against your lifetime proposal necessarily, I just don't think that is the proper way of handling these issues). In my view people shouldn't be sending money often to people not already on their contacts list. If they are, then it is because they initiated the transfer from either clicking on a link on a website or having their mobile client directly communicate with a point-of-sale device of a merchant. In both cases, the validity of the to address information should in the future be protected by the security of .p2p domain names. Other people they communicate with, send money to, work with, etc. should be added to their contact list. Global unique names are useful because it means that you can get back in touch online with a person you met in real life and were only able to exchange a human-memorizable name (and one that is easily written down). Even this becomes less important as more people have smartphones that can automatically transfer their contact information with near field communication (and a confirmation code on each party's phone to protect against any man-in-the-middle attacks as rare as they might be).

Regarding the chicken egg problem, I see that as the fault of the exchanges that still have not implemented sending funds to a public key for some reason. Anyone know why they haven't done this yet? Anyway your proposal doesn't solve this issue. We need to at least have a transaction fee for registering a name, otherwise people could just spam the network for free.

Regarding your last two points, again this has nothing to do with your proposal, but I do agree that they are important issues to solve. The way I understand missing transaction info (other than ones causes by bugs) is that if you don't back up your exported JSON, you would not be able to recover the recent outgoing transaction information because you wouldn't know which user the outgoing transaction was sent to in order to re-derive the shared secret (someone please correct me if I understood incorrectly). I think it would be nice if the client allowed you to supply a list of contacts that you remember sending money to and it would go through that list to brute force your outgoing transactions to try to recover that info. Cold storage, multisig, and offline transaction signing are all very important security features that are badly needed, and I'm sure the devs are either working on it or will get to it soon enough. Another critical improvement necessary before this can go mainstream are lightweight clients and the ability to get notifications of new received funds through a mail server rather than require the user's client to scan the entire blockchain.

People run businesses and are screwed with _ALL_ the time on the internet. 
...
So if I start a business that takes deposits at a certain name that has competitors, why wouldn't they attack it ? 

In my opinion, if you are running a business you should not use account names as your public facing identity but rather your .p2p name. A BIP 70-like payment protocol can allow customers to know they are sending their money to the right place (they will be able to verify the .p2p domain name in their payment confirmation).

[gamey]

Ok, I've reread it for the third time.  I don't think I'm missing anything.  Maybe blackmailing isn't a viable business model.

This whole system basically means that you have to proactively protect your account by CDM-mining it from the start.  And you better have a large stake.  So you have to mine your account when you create it (which was meant for ease of use initially)   Then you need enough stake to proactively defend it.  And if by some chance you do not have the means to fend of an attacker, you can go to the forums and ask for CDM-defensive backup.

Dan's system just has you register an account and be able to use it.  If you want to use the rep system, then you can.  You are not forced to understand it though to defensively protect your account name.  (The one which you happen to receive funds on.. very important)

I think saying you have to "proactively defend" your account is an exaggeration.  You just have to make a transaction that devotes your stake to your account name.  You can then have everything in cold storage while your name gains devotion.  I think of it more as a reputation metric than as "defending" your account.  You are proving that you have invested in the username over time because stake can't be devoted to more than one name.

I don't think anyone is going to attack your username for no reason when you aren't bothering anyone.  I don't think it will be an issue that people will be having their name attacked for no reason.

So now we are back to another system that adds this whole new layer of effort to keep track of a simple address to send and receive from.

Again, I think a username is not needed for simple send and receive functions.  Even if you lost a username, you don't lose your public key.  I think a rep system for user names and getting rid of spoofers is helpful

what is the big need, after you uselessly change the market engine in one day, to go and suggest highly complicated and not necessitated by any problem account value system?

What are the problems with BM's proposal ?  Is it listed what problems your proposal solves?  His proposal seemed fairly clean to me. 

I don't see the current TITAN username system as a raging success:
-There have been a lot of spoof accounts created
-A number of people have been hurt by mistakenly sending funds to an incorrect name
-New user confusion with the "chicken and egg" name registration deal
-Issues with scanning the blockchain, missing info etc.
-Greater barriers and less focus on: Cold storage, offline transaction signing and watch only wallets.
   (I think these things are very important and there should be more effort in this regard)

People run businesses and are screwed with _ALL_ the time on the internet.  It is amazing how many people get DDOS'ed.  I've had the thought that it is the DDOS mitigation companies doing this (possibly indirectly) just to drum up business, because there are times when it doesn't make sense.

So if I start a business that takes deposits at a certain name that has competitors, why wouldn't they attack it ?  Especially if they don't need their CDM elsewhere ?   So now I have to be capitalized just to defend that name.  Weird. Previously I might get negative rep, but my accounting system wouldn't stop working over it.

With your list, I agree with 1 & 2.  I think the rest are just part of development and have largely been fixed.  I might even agree that there is too much effort put into privacy with Titan, but all that work is done.

People do send funds to wrong address in btc, but btsx just makes it easier.  Yet it also makes it possible for me to remember my name.  You want to send me funds?  just send them to 'gamey'.  You might be right that we'd be better off without names, but I think the whole name system should be axed before we go down the rabbit hole of more complexity.  You want the devs to signficantly increase complexity, but then you want them to focus on other things.  Issues with scanning the blockchain etc are due to the dev process and time required to track down all the bugs.  This proposal will just destabilize the code base again as it is being implemented.

It isn't like I am totally against what you are trying to accomplish, but things like this need to be really really thought out on the ways they can be abused before they should even be considered technically.  I'd love to see the exchange spoof names revoked, but it would be very hard to find a way that is agreeable to me to do this.

Also - the far easier solution here is for exhanges to not use named accounts to begin with.  If spoofing is too much of a problem, they should just switch to the regular BTSX address with the checksums.  Problem solved !

[Agent86]

I want to say something about privacy vs. reputation tradeoff.

I think one of the most important attributes of these systems is they codify what is ultimately a social consensus…

Let's say tonyk has 10mil BTSX and there is this social consensus that he owns this 0.5% of the network.  Let's say tonyk runs afoul of the law for not renewing his "bitlicense" or some such nonsense and the government demands that tony forfeit his BTSX.  The network/community simply invalidates that stake so the gov't gets nothing, the network happily pays for tony's legal defense and whenever he is out of harms way he freely claims back his remaining balance.

I think this type of thing is way more powerful than this obsession with anonymity and untraceable transactions.

[Agent86]

Ok, I've reread it for the third time.  I don't think I'm missing anything.  Maybe blackmailing isn't a viable business model.

This whole system basically means that you have to proactively protect your account by CDM-mining it from the start.  And you better have a large stake.  So you have to mine your account when you create it (which was meant for ease of use initially)   Then you need enough stake to proactively defend it.  And if by some chance you do not have the means to fend of an attacker, you can go to the forums and ask for CDM-defensive backup.

Dan's system just has you register an account and be able to use it.  If you want to use the rep system, then you can.  You are not forced to understand it though to defensively protect your account name.  (The one which you happen to receive funds on.. very important)

I think saying you have to "proactively defend" your account is an exaggeration.  You just have to make a transaction that devotes your stake to your account name.  You can then have everything in cold storage while your name gains devotion.  I think of it more as a reputation metric than as "defending" your account.  You are proving that you have invested in the username over time because stake can't be devoted to more than one name.

I don't think anyone is going to attack your username for no reason when you aren't bothering anyone.  I don't think it will be an issue that people will be having their name attacked for no reason.

So now we are back to another system that adds this whole new layer of effort to keep track of a simple address to send and receive from.

Again, I think a username is not needed for simple send and receive functions.  Even if you lost a username, you don't lose your public key.  I think a rep system for user names and getting rid of spoofers is helpful

what is the big need, after you uselessly change the market engine in one day, to go and suggest highly complicated and not necessitated by any problem account value system?

What are the problems with BM's proposal ?  Is it listed what problems your proposal solves?  His proposal seemed fairly clean to me. 

I don't see the current TITAN username system as a raging success:
-There have been a lot of spoof accounts created
-A number of people have been hurt by mistakenly sending funds to an incorrect name
-New user confusion with the "chicken and egg" name registration deal
-Issues with scanning the blockchain, missing info etc.
-Greater barriers and less focus on: Cold storage, offline transaction signing and watch only wallets.
   (I think these things are very important and there should be more effort in this regard)

[toast]

Proof of burn is specifically not called "points" or "reputation" because its not very good for the job. I call it "vanity"...

I think a proper reputation system can't have "global reputation" values (reputation is a function of two individuals). I need to process agent's model more to respond.

Sent from my SCH-I535 using Tapatalk

[gamey]

Ok, I've reread it for the third time.  I don't think I'm missing anything.  Maybe blackmailing isn't a viable business model.

This whole system basically means that you have to proactively protect your account by CDM-mining it from the start.  And you better have a large stake.  So you have to mine your account when you create it (which was meant for ease of use initially)   Then you need enough stake to proactively defend it.  And if by some chance you do not have the means to fend of an attacker, you can go to the forums and ask for CDM-defensive backup.

Dan's system just has you register an account and be able to use it.  If you want to use the rep system, then you can.  You are not forced to understand it though to defensively protect your account name.  (The one which you happen to receive funds on.. very important)

So now we are back to another system that adds this whole new layer of effort to keep track of a simple address to send and receive from.

[tonyk]

I like your ideas in this thread A86. They are just missing an approval voting, to decide on wheatear the voting on each account's devotion is indeed done with enough devotion and or honesty... then and there  I believe we will have truly solid system.

I assume this is sarcastic     So you don't like the idea?  Do you have some specific thoughts/suggestions?

No, I actually LOVE it.
If it does not work, we will appoint a comity (or 5) selected to only take decisions on account creation/dilation and last but not lest rank/devotion. The comity members will be selected by combination of delegate votes/and users with high devotion accounts. After selection new comity members will have to wait 3 to 782 days (depending on the exact votes from any specific group), but will be replaceable in the waiting period from any account providing big collateral/and or devotion....


{EDIT} seriously though... dare to share how your new market model truly increases the collateralization? In any way other then in vague terms, and - because it does/you will see, it is significant improvement.
{EDIT2} The above or at your own will - what is the big need, after you uselessly change the market engine in one day, to go and suggest highly complicated and not necessitated by any problem account value system?

[Agent86]

I like your ideas in this thread A86. They are just missing an approval voting, to decide on wheatear the voting on each account's devotion is indeed done with enough devotion and or honesty... then and there  I believe we will have truly solid system.

I assume this is sarcastic     So you don't like the idea?  Do you have some specific thoughts/suggestions?

[gamey]

There are going to be multiple spoof scam names for any name.  Some spoof addresses have more value others won't.  Seems to me this is another way to allow a person with a large stake to remove the name of a smaller person.  These assumptions that the community will behave in a certain way need to be examined.  Much like approval voting is great, but realistically the average stake holder can't and will not be aware enough of 101 delegates.

As far as blackmailers, I don't see why people won't be able to mix up who and where they come from.  Nor do I think this would ever become severe enough for anyone to be forked out.

Blackmailers can hide.  Do you think you'd know who a blackmailer is ?  Why would you assume this?  To me it seems quite easy to hide your id in these situations. What is going to keep them from mixing their coins in at some point.  You would seriously consider forking the network over this as a solution ? 

And yes I think making another market for names inside bitshares x will make the product needlessly complicated and convoluted.  Lets see..  we had a system meant to make the whole thing easier to use.  It has the spoof problem albeit minor.  Dan proposes an ok system.  Then you come along and want there to be a 30 day wait to obtain the name while others bid on it in yet another market embedded inside bitsharesx.  How do these 2 objectives fit together ?  People aren't going to want to screw with all that.  Yes it is needless.  We need a somewhat simpler solution and no account name revocation by large stakes.

For a blackmailer to threaten to distrust you he/she must have a username(s) with a lot of devotion that took time for the blackmailer to build.  So you of course don't send any money and then you are distrusted by the blackmailer's username(s).  You go to the forum to alert people to the behavior.  If the blackmailer can't publicly defend their action, they may quickly have a problem.  If they pull the same stunt on multiple community members, now they are basically screwed.  Everyone will neg mine the blackmailer's username until it has no devotion left.  Now no one cares if he/she trusts them or not because they don't have any devotion and it doesn't affect anything.  In any case the blackmailers gain nothing and this behavior doesn't make any sense.

The spoof-scam names will die quickly and the spoofers will soon give up.

As far as approval voting 101 delegates I already have a method in mind for dynamic delegate number.  You may not like the idea anyway because it might seem too complicated but not everything that seems complicated is pointlessly complicated.

It isn't that any of this is "pointlessly complicated".  It is a question of whether there is enough value in the added complexity. I think there is a bit too much expecting people to network and go to forums to discuss all these issues when your system is abused.

I will consider it more in terms of devotion as I didn't take 100% of my time to understand your proposal fully. It does seem more reasonable in that regard.  So perhaps blackmailing can't work.

What are the problems with BM's proposal ?  Is it listed what problems your proposal solves?  His proposal seemed fairly clean to me.  Yes, legit people can be red repped, but at least they keep their account.  Someone can red rep the real bter account, but it just means people will need to double check.  It is far from perfect, but at least it doesn't muddy up creating a registered account and losing the value that was supposed to bring. (ease of use)  - That is my main issue here.  I also do not like accounts being able to be revoked.  Maybe I just want to keep my name and not have to go check that it hasn't been revoked everytime someone sends me something.  What happens if i make an automated website and my account has no devotion ?  All at once it is revoked because I wasn't paying attention and some competitor doesn't like me.  Meh.

Instead of revoked, have the network not allow deposits into the account.  Let them spend but receive no more.  Thats at least far better than revoking and putting the account back in circulation.

When you start talking about revoking names and then relying on 'the community' to protect the bullied, the idea loses interest for me.  These are just account names.  People just work around it with new names when theirs is squatted.  Just like google emails. 

Don't have high expectations from users and the effort they are willing to put forth.  You will consistently be let down with reality.

[tonyk]

There are going to be multiple spoof scam names for any name.  Some spoof addresses have more value others won't.  Seems to me this is another way to allow a person with a large stake to remove the name of a smaller person.  These assumptions that the community will behave in a certain way need to be examined.  Much like approval voting is great, but realistically the average stake holder can't and will not be aware enough of 101 delegates.

As far as blackmailers, I don't see why people won't be able to mix up who and where they come from.  Nor do I think this would ever become severe enough for anyone to be forked out.

Blackmailers can hide.  Do you think you'd know who a blackmailer is ?  Why would you assume this?  To me it seems quite easy to hide your id in these situations. What is going to keep them from mixing their coins in at some point.  You would seriously consider forking the network over this as a solution ? 

And yes I think making another market for names inside bitshares x will make the product needlessly complicated and convoluted.  Lets see..  we had a system meant to make the whole thing easier to use.  It has the spoof problem albeit minor.  Dan proposes an ok system.  Then you come along and want there to be a 30 day wait to obtain the name while others bid on it in yet another market embedded inside bitsharesx.  How do these 2 objectives fit together ?  People aren't going to want to screw with all that.  Yes it is needless.  We need a somewhat simpler solution and no account name revocation by large stakes.

For a blackmailer to threaten to distrust you he/she must have a username(s) with a lot of devotion that took time for the blackmailer to build.  So you of course don't send any money and then you are distrusted by the blackmailer's username(s).  You go to the forum to alert people to the behavior.  If the blackmailer can't publicly defend their action, they may quickly have a problem.  If they pull the same stunt on multiple community members, now they are basically screwed.  Everyone will neg mine the blackmailer's username until it has no devotion left.  Now no one cares if he/she trusts them or not because they don't have any devotion and it doesn't affect anything.  In any case the blackmailers gain nothing and this behavior doesn't make any sense.

The spoof-scam names will die quickly and the spoofers will soon give up.

As far as approval voting 101 delegates I already have a method in mind for dynamic delegate number.  You may not like the idea anyway because it might seem too complicated but not everything that seems complicated is pointlessly complicated.

I like your ideas in this thread A86. They are just missing an approval voting, to decide on wheatear the voting on each account's devotion is indeed done with enough devotion and or honesty... then and there  I believe we will have truly solid system.

[Agent86]

There are going to be multiple spoof scam names for any name.  Some spoof addresses have more value others won't.  Seems to me this is another way to allow a person with a large stake to remove the name of a smaller person.  These assumptions that the community will behave in a certain way need to be examined.  Much like approval voting is great, but realistically the average stake holder can't and will not be aware enough of 101 delegates.

As far as blackmailers, I don't see why people won't be able to mix up who and where they come from.  Nor do I think this would ever become severe enough for anyone to be forked out.

Blackmailers can hide.  Do you think you'd know who a blackmailer is ?  Why would you assume this?  To me it seems quite easy to hide your id in these situations. What is going to keep them from mixing their coins in at some point.  You would seriously consider forking the network over this as a solution ? 

And yes I think making another market for names inside bitshares x will make the product needlessly complicated and convoluted.  Lets see..  we had a system meant to make the whole thing easier to use.  It has the spoof problem albeit minor.  Dan proposes an ok system.  Then you come along and want there to be a 30 day wait to obtain the name while others bid on it in yet another market embedded inside bitsharesx.  How do these 2 objectives fit together ?  People aren't going to want to screw with all that.  Yes it is needless.  We need a somewhat simpler solution and no account name revocation by large stakes.

For a blackmailer to threaten to distrust you he/she must have a username(s) with a lot of devotion that took time for the blackmailer to build.  So you of course don't send any money and then you are distrusted by the blackmailer's username(s).  You go to the forum to alert people to the behavior.  If the blackmailer can't publicly defend their action, they may quickly have a problem.  If they pull the same stunt on multiple community members, now they are basically screwed.  Everyone will neg mine the blackmailer's username until it has no devotion left.  Now no one cares if he/she trusts them or not because they don't have any devotion and it doesn't affect anything.  In any case the blackmailers gain nothing and this behavior doesn't make any sense.

The spoof-scam names will die quickly and the spoofers will soon give up.

As far as approval voting 101 delegates I already have a method in mind for dynamic delegate number.  You may not like the idea anyway because it might seem too complicated but not everything that seems complicated is pointlessly complicated.

[gamey]

  I think the current "chicken and egg" situation where you need to ask someone to register you is a little ridiculous.

Again check the first proposal here:
https://bitsharestalk.org/index.php?topic=9075.0

It should allow us to get rid of "Post here if you want 1 BTSX" threads.

Wouldn't it be simpler to just allow transfers to any address as well as TITAN transfers to a name?
A problem with only supporting TITAN is that the exchanges have a record of all fund transfers by name (which arguably is less private than just allowing transfers to any address where the exchanges can't definitively associate the participant on the other side of the transaction).
i.e. the exchange knows you transferred 50K BTSX to account Fred instead of just knowing that you transferred 50K BTSX to some address that may or may not be yours.

This is a problem with the way exchanges implement their withdrawals.  It is not a technical problem that needs to be solved on Bitshares X end.  The threads with the small giveaways from registration are just a temporary solution until exchanges start to allow transfer to addresses that are not registered names.