01:46:05 👋 09:00:53 This damn logo controversy is driving me crazy. 09:01:14 ngl I've lost the plot on that 09:01:17 This is very expensive, risky, and time-consuming. 09:01:34 We need to focus on more important things. 09:02:22 BlueyHealer: They only want the money, the community doesn't care. 09:02:47 We were delisted from the stock exchanges, that's a more important problem. 09:36:58 Not "stock exchanges", "cryptocurrency exchanges", and believe it or not, some people think such delistings are actually a good thing for Monero, longterm. 09:38:13 I'm not as concerned about regular people there because there are better options than exchanges anyway, but I do have worries about businesses and swappers, who need to exchange in bulk and don't care about anonymity/privacy in this regard. 09:42:55 If you ask me those "swappers" are even worse than regular, and regulated, exchange with a proper license. You ask me to send my coins to some address under the control of some totally unknown entitiy, in some totally unknown country, and ask me to just hope that they may feel like sending me back some other coins in exchange? Cool offer. 09:44:08 I think cryptocurrency swappers are a good example of the almost limitless capacity of the human mind to accept even the craziest things if there is just enough time, enough incentives to accept, and enough other people around to accept the thing in question. 09:53:23 https://youtu.be/KSl-0orniWs?si=GYKpCVXuS1-AoH_6 09:53:23 A YouTuber with a respected following in my country made such a video, and many people reported that they were hearing about it for the first time and were impressed by the project. 09:53:44 This was a great advertisement, and it was completely free. 10:04:59 Looking at the current struggles with CEX delistings and the risks of using sketchy 'instant swappers,' it’s clear that we need a more sovereign solution. 10:04:59 I have a vision for a dedicated Monero Social Platform designed to bridge the gap between community interaction and secure trading. Here is the core concept: 10:04:59 Privacy-First Onboarding: Registration via anonymous emails (like Proton Mail) only. No phone numbers, no IP tracking, no KYC. Just pure pseudonymity. 10:04:59 Integrated Atomic Swaps: Instead of relying on third-party websites where we 'send and pray,' the platform would have an embedded Atomic Swap engine. Users can trade BTC/XMR directly within the app—trustless and math-guaranteed. 10:05:00 Social Trust Layer: A reputation system based on successful swap history and community contributions. This creates a 'Web of Trust' so we know who the reliable peers are without compromising their real-world identity.[... more lines follow, see https://mrelay.p2pool.observer/e/kuj74_4KcHNzVzZ6 ] 10:05:13 I'm just wondering if we really need something like this? 10:19:59 Like, isn't random exchanges on Retoswap something similar? 10:22:03 If this is important, why not make the email optional? Or if not optional, make it clear it's not verified at all. 10:42:34 BlueyHealer: Basically, I thought of it to make access easier. Because if we want to be able to access cash, we need to be able to access it easily. 10:43:10 Yeah, but making an email *optional* would be better, because anonymous email options aren't as commonplace either. 10:45:09 Spot on. You're right—even anonymous email providers are starting to act like gatekeepers these days, and not everyone is tech-savvy enough to navigate them. 10:45:09 Let’s lock this in: Email will be strictly optional. We can build the architecture like this: 10:45:09 Default Onboarding: Users create an account using only a pseudonym and a seed phrase (similar to a crypto wallet). Zero personal data required. 10:45:09 Optional Convenience: If a user wants notifications or a recovery path, they can choose to link an email at their own risk. 10:45:09 This way, we keep the entry barrier non-existent while respecting the 'pure anonymity' that Monero stands for. Does this structure feel solid enough to be our foundation? 10:49:55 Your big problem is going to be bootstrapping while protecting against collusion/sockpuppets/sybils. When a new user arrives, how do they know a group of people with lots of past trades aren't just the same person repeatedly trading against themselves to acquire rep ? There are algorithms that attempt to classify things like this, detect cliques, etc, but this is going to be your main problem. 10:50:21 After that, what data to use is an implementation detail. 10:51:28 Also bearing in mind your adversary will be able to run your algorithms to decide how to structure any attack against the rep system. 10:52:11 You hit the nail on the head. Sybil resistance is the ultimate boss fight for any decentralized reputation system. If rep is 'free' to generate, it’s worthless. 10:52:11 To mitigate this, I’m thinking about a few layers beyond just simple algorithms: 10:52:11 Skin in the Game (Staking/Burn): To gain initial 'Tradeable Rep,' users might need to lock up a small amount of XMR or 'burn' a tiny fraction of a fee. This makes running a sockpuppet farm financially expensive. 10:52:11 Web of Trust (WoT) Decay: Not all rep is equal. If you trade with a highly trusted 'OG' member, your rep gains more weight than trading with 10 brand-new accounts. We could use a transitive trust model where trust flows from established nodes. 10:52:12 Swap History Transparency: While the swaps are private on-chain, the platform could verify the existence of a successful Atomic Swap via proof-of-payment without revealing amounts. Repeating the same swap between the same two keys 100 times would be easily flagged by the 'clique detection' you mentioned.[... more lines follow, see https://mrelay.p2pool.observer/e/6Nqo5f4KQ2F5TFlE ] 10:52:15 PGP went the physical meetup way. It was mostly academia at the time, so short-ish links were easier. 10:53:19 Since your users will be picked from a more random subpopulation, this is harder. Even more if part of that population wants to keep private from the rest of the web, which was definitely not the case for PGP. 10:54:05 So what are we going to do then? We need something to provide liquidity among ourselves. 10:54:31 We need to survive; crypto exchanges stabbed us in the back. 10:55:19 What you can do is think about how this can be solved, or at least how one part of it can be solved. You seem to have started on it. 10:55:19 Remember, the only way to survive is to bring more people into our ranks. If one person commits murder, it's a crime, but if a community commits murder, it's the law. 10:55:43 A rather... interesting way of seeing things. 10:56:18 Anyway, I thought similar things for mostly unrelated reasons, and it is *hard*. 10:56:46 But a worthy area to study. 10:57:04 I agree, we can’t fix everything at once. Let’s focus on the first pillar: Trust without Doxxing. 10:57:04 To solve the Sybil/Reputation problem for our 'random' population, we could start by integrating Atomic Swap Proofs. > 10:57:04 Instead of a simple star-rating, a user's reputation could be cryptographically tied to the cumulative volume of successful swaps they've completed. We don't reveal who they traded with or the exact amount, but we provide a 'Zero-Knowledge' proof that 'Account X has successfully moved 500 XMR via Atomic Swaps.' 10:57:04 This creates a 'Proof of Trade' that is expensive to fake and directly tied to the platform's utility. It’s a starting point for building that 'Web of Trust' without needing physical meetups or KYC. What do you think about using swap-volume proofs as the primary trust metric? 10:58:09 Swap volume is inherently sybil vulnerable, isn't it ? 10:58:36 You can't burn too much of that volume or your system will stop appealing. 10:59:08 So the obvious defense against wash trade is also an attack against usefulness. 10:59:30 If one person commits murder, it's a crime, but if a community commits murder, it's the law. <- LOL WTF 10:59:43 Exactly, it is. If someone is willing to pay the on-chain fees, they can essentially 'buy' reputation by trading with themselves. 10:59:43 But here is my counter-argument: We don't need a perfect system; we just need a system where being a bad actor is prohibitively expensive. 10:59:43 If we combine swap volume with Account Age and Network Centrality (who is vouching for whom), we create a multi-layered filter. Even if you wash-trade 1000 XMR, if your account is 2 days old and no other 'trusted' nodes have interacted with you, your 'Trust Score' remains low. 10:59:43 In a zero-KYC environment, isn't Economic Cost (fees/burn) the only objective truth we can measure? Or do you think a subjective, decentralized 'Web of Trust' (like PGP/Nostr) is less vulnerable to manipulation than an objective, volume-based one? 11:00:14 XMR fees are also small so it'd be pretty easy to bot 11:00:31 BlueyHealer: Haha, fair enough. It’s a bit of a dramatic metaphor for 'Network Effect as Legitimacy.' 11:00:31 What I meant is that if one person ignores a CEX ban, they get crushed. But if an entire community builds its own sovereign infrastructure, that infrastructure becomes the new 'standard.' 11:00:31 But let's step back from the 'crime' analogies and focus on the math. As moneromooo pointed out, the friction-security trade-off is the real killer here. If we can't use high fees to prevent wash-trading, and we can't use physical meetups like PGP, we are left with Time and Social Graphs. 11:01:17 Account age is not a meaningful thing to consider. Merely a delay. Network centrality is anothr way to say WoT assessement really. You'd need to define this algorithmically in a way that staves off known attacks. 11:01:34 BlueyHealer: Exactly. The very thing that makes XMR great for daily use (low fees) makes it a playground for Sybil bots if we only look at transaction counts. 11:01:34 That’s why 'Transaction Count' alone is a terrible metric for trust. We have to weigh it against 'Account Age' and 'Opportunity Cost.' > 11:01:34 If a bot has to wait 6 months to gain a 'Trusted' badge, or if they have to lock up a significant amount of XMR in a multisig (escrow/bond) to prove they aren't a throwaway account, the attack becomes much more expensive. 11:01:34 Low fees are for the utility of the swap; but 'Time' and 'Collateral' should be the price of reputation. What's your take on using time-locked bonds as a barrier for new sellers? 11:01:55 I guess social graphs would good but not clear how you get in in the first place. I have this problem with Nebula (you need to be recommended by an existing creator there to join). 11:02:14 Also yeah, age is not as big of an issue, apparently aged accounts are a whole market for astroturfing. 11:02:19 moneromooo: Fair point on account age. An adversary with patience can easily 'farm' aged accounts. 11:02:19 To make Network Centrality more than just a buzzword, I’m looking at Iterative Trust Algorithms (similar to EigenTrust or PageRank). 11:02:19 The idea is: Trust shouldn't be a global score, but a local one. Your trust in a peer is calculated based on the trust scores of the people you already trust. A Sybil cluster can trade with itself all day to boost its internal 'centrality,' but if that cluster has no 'inbound trust' from the established, honest nodes of the network, its score remains zero for the rest of us. 11:02:19 The hard part, as you said, is defining this algorithmically to prevent 'trust bleeding' into malicious clusters. Have you seen any decentralized WoT implementations that successfully mitigate this without a central authority? 11:03:04 That's a good idea. It's also a central thing in the PGP WoT. 11:03:38 oh, that's more interesting 11:04:08 I don't know the WoT beyond reading about it ages ago. I do know there are clique detection algorithms nowadays that are more suited to modern processing power than back in the day. 11:04:57 I'd look into that. Basically take your graph and isolate what seems to be mostly self dealing subgraphs. 11:05:12 There might be better ways, but this seems like a good one right now. 11:05:41 "clique" being a word of art IIRC, so search for it in particular. 11:05:49 term of 11:05:53 That makes a lot of sense. Modern graph theory and 'Community Detection' algorithms (like Louvain or Girvan-Newman) could definitely help us flag those self-dealing clusters. 11:05:53 If we can isolate those subgraphs where trust only flows internally and never connects to the wider, established network, we can neutralize the Sybil threat without needing heavy on-chain 'burns' or KYC. 11:05:53 I’m going to dive deeper into Sybil-resistant graph algorithms and see how we can implement this in a privacy-preserving way. This conversation has been incredibly helpful in narrowing down the core technical challenge. I'll be back once I have a more defined architectural sketch. 11:06:50 I feel like a single worker starting a pyramid, but the blueprints are becoming clearer thanks to your feedback. I'm going to step back, do the heavy lifting on the graph theory side, and see how we can turn these ideas into code. I'll reach out when the foundation is solid. Thanks again for the guidance. 11:06:54 Such work, if public, would almost certainly be helpful, even if it doesn't end up in an impl in the end. 11:07:41 @rbrunner7: I believe it is. 11:07:41 The less Monero is associated with these rubbish J's cryptobro industry, the more validating it is for us. 11:07:58 Also, keep in mind that those algorithms will have to work on adversarial data. This is important, and typically not a focus of research papers (at least not that I've seen when I looked, might be different now). 11:22:16 https://discuss.privacyguides.net/t/onekey-hardware-wallet-mandatory-telemetry-to-cn-endpoints-persistent-device-fingerprinting-and-contradicting-legal-documentation/37536 11:37:18 Guys, I just had a spontaneous idea, I'll write this down and leave. If you see this, please discuss its weaknesses. We can achieve the above situation with a hybrid system. 11:37:18 A decentralized court structure where individuals with high social standing in the community serve as "Escrow/Arbitrators," effectively putting their own reputations on the line. 11:37:18 In short: 11:37:18 Mathematics (algorithms) alone are not enough, and capital (collateral) alone is not enough. The solution lies in the formulaic integration of Capital + Time + Social Proof. If the energy an attacker must expend to deceive the system exceeds the potential gain, the system is secure.[... more lines follow, see https://mrelay.p2pool.observer/e/ueLN5v4KdXBlbXQz ] 11:43:11 Meanwhile, my preference is the decred perspective. 12:28:46 Glowingexplorer 12:48:39 The "pretend to complain about a problem through making a reddit post, then have an associate comment with your service to indirectly advertise" meta is getting out of hand in r/Monero. 12:48:49 Add in AI generated messages for the extra cringe points. 12:54:22 Wtf 12:54:27 I'm giving an example of something that works. 12:55:19 If you don't like it, find another method Descartes 12:55:57 How on earth did you connect my message to yourself ? Read it again slowly. 12:57:14 maybe I overreacted, I'm sorry. 13:05:11 those are nice, happens here to, "anyone ever heard of this [my site]?. i also enjoy the threads for "no kyc swap service for monero???" - their associate will leave a sane comment like beware of scams .. check kycnot.me etc then a month or 2 later edit the (now top) comment to "EDIT* HEDGEHOGSWAP NUMBA 1 13:06:52 or after a large hack/exploits hits the news cycle, a blog post with information about it and slips in 'the hackers have funneled their funds through the nokyc HedgEhoG SWAP!" 16:58:52 plowsof: Dare I say we should have more serious regulation... 18:27:08 hi