Encourage usage of Bonded Reputation by calculating a score for all offers #138
Comments
|
I like this proposal a lot.
This is probably the most delicate part of the proposal. I think that active users of fiat payment methods will be very interested on protecting their bank accounts from interacting with untrustworthy peers. This feauture would be very useful for this, but at the same time it would split liquidity. |
|
This proposal benefit the BSQ rich users. It also implies an unnecessary dependency to DAO and likely Github users as well. This makes Bisq trading a more dependent and centralized solution. Furthermore we think this is negative for exchange liquidity, which is poor as it is. |
|
I can only hypothesize for the general user base, but for me, the greatest friction/hesitation is fear of an unscrupulous trader. Reputation seems the obvious way to alleviate that concern. |
For the general user base a neutral reputation system is needed. What metrics are available? Account age and number of trades. The latter is only partially implemented and could be used more instead of narrowing the user base with bonds. |
I think a variety of mechanisms are needed. Deposits and account aging were the original ones, and they've worked reasonably well. Account signing is another one, and additional methods for getting accounts signed are in the works. Bonding is another. Perhaps there will be more. In this case, I think variety is good. Over time we'll learn what tends to work better. Bonding strikes me as particularly elegant, as it completely avoids the mess of dealing with fiat banking that account signing has to handle, yet provides even stronger protections. I happen to think an additional confidence mechanism like this would be positive for liquidity, especially if it's one active market makers would prefer.
You can "buy in" to the network with time (account aging and single-account signing) or with identity (2FA account signing). This proposal would simply add a financial means to the mix. To my knowledge, BSQ is available to anyone who wants it, and this proposal wouldn't force anyone to use it, so I see this as a shallow criticism. |
|
@Bisq2People
That could be easily gamed by self-trades. |
|
Bonds are heavy committments. With BSQ bonds it is equal to membership stakes = centralisation. |
|
@Bisq2People how much of a bond is too heavy of a commitment? 10 000 BSQ? 500 BSQ? 50 BSQ? Is the "heaviness" of a commitment something you alone can determine, or does it vary from person to person? Is such a commitment still "heavy" if there are other options for the user, and they're not compelled to use it? How are bonds "equal to membership stakes" if anyone, contributor or not, can buy BSQ? |
|
Now if one doesn't can or doesn't want to participate one is "null". And one is going to show it in a dispute to gain more trust. Honestly?!? Also please see the difference in buying a trade token and holding a bond or stake. |
|
@Bisq2People you didn't even try to answer my questions. To me, your unwillingness to clarify your own statements indicates your feedback isn't serious. Therefore, I am forced to disregard your posts as unproductive noise ✌️ |
|
It is your own questions. I don't have to answer them. You are talking to a customer now... |
|
@Bisq2People From your style and behaviour it seems you are the same person who got banned recently. You are welcome to contribute to Bisq but please take feedback from people who work already long time on Bisq and have produced a lot of value serious. Most of those contributors disagree and even don't see any sense in your proposals and ideas. This leads to the situation that you occupy time/energy/space for those who do real work on Bisq. Try to formulate your ideas in a rational well articulated way so others can follow it. Have respect for things you might not fully understand. Most of us are not posting on the Bitcoin Core mailing list because we respect that this is a space for highly knowledgeable developers and most of us do not feel to be competent enough that we should participate there. That does not mean we are dumb, it is just a matter or respect. If you do not change your attitude I fear we need to unfortunately ban you again. Github is our work area and pointless content feels like spam. |
|
Me and others are providing feedback and just trying to help. I can leave and cancel my issues now myself instead. |
|
This is a very interesting proposal which I think would definitely put more people at ease regarding trades currently seen as high risk. On the other hand it could potentially introduce a new "attack" vector to be used by malicious users. |
|
This looks like a nice way to explore how Bisq v2 would work. There's one thing that worries me though.
Usually, bonded roles have high stakes for many time. There are not many contributors with bonded roles. Signalling them in the app is a good measure for their privacy? Unless this bond is already something everybody can know matching Bisq client's information, this doesn't add very much value (they would already have 5 stars) while is compromising privacy.
F2F payouts are very difficult to judge because there's no way to provide reliable proof of payment, so DAO wouldn't have a way to decide what to vote. The only way bonded reputation would make sense for this payment method is if both traders agree to a mutual assured destruction protocol, meaning both of them should lose something if one of them wants, and that could be done just with trade deposits. |
|
@wiz
Potential showstoppers:
This could be only mitigated if we would link the tradeStatistics into the mix, but that would decrease privacy. It could be done by adding the bond hash to the tradeStatistics extraMap and users could look up that data to see how many trades have been done in the recent past and which trade amounts. Then still there is no clear information when a trade has been completed.
If we cannot solve the last 2 points I fear the whole idea renders itself less useful and potentially harmful (giving wrong impression of security). |
Is this point relevant if the previous point is solved? Apart from that, could it be possible to configure Bisq to only accept takers that have a Bond or Bond Score greater than X? (this could be also applied to signed accounts as described in #133).
I think that privacy concerns are important, but we should realize that once the API is running it will be very easy to track trades by onion addresses anyway and build personalized statistics. Also, from my experience in financial markets, where order books are much more crowded (i.e. more anonymous than Bisq from the perspective of other traders) and also data is more opaque than the information available in Bisq, active traders are still identifiable by other professional traders by their behavior patterns. We all have behavior patterns that can be easily spottable for people that spend 10 hours a day looking at offer books for many years. However, it is very difficult to identify ocasional traders that trade just every once on a while, as their trades get diffuminated amongst a large number of trades from other market participants. Therefore privacy is mainly a problem for active traders. Changing onion addresses frequently would not help much as the account signing process makes it difficult to change payment methods and only the account age data could be enough to identify a trader, or at least it would allow to narrow a lot its identification. The very nature of fiat payment methods makes privacy very difficult, anyone could harvest personal information by trading / probing with many peers and then use the information available in Bisq to pull the thread to identify all his offers (i.e. country of SEPA Account, BIC, account age....) In conclusion, IMO privacy in fiat pairs is not fully achievable even if you are a very occasional taker, and it is almost an oximoron for active makers. So maybe for active traders and market makers we should try to keep privacy as good as possible, but focus more on their reputation and security, as they are centralized points of liquidity within Bisq fiat pairs. It is not positive at all for Bisq that they easily get in trouble with their banks as they might get their fiat accounts easily closed just upon one or two incidents. |
|
@mpolavieja The trade off between privacy and reputation is a difficult one. I think we need to give enough flexibility to the trader to choose what is more important to him. Pro traders might have less privacy requirement anyway as they need to run it as a business to not get into tax/legal troubles. My main concern is still that the pending trades are not covered and this would lead to a false signal of security which can be easily abused by a scammer. I see that problem as a showstopper for that proposal as I think it would create more harm as it helps. |
@chimp1984 But as I understand the solution to cover pending trades is not ready because we have not found a way to do it without compromising privacy, correct? |
|
We could simply require takers to have a bonded reputation score before they can take an offer from a maker with a bonded reputation score, then everyone has skin in the game. |
Yes. |
Only having a bond would not contain info for how many trades he uses it. a 1000 BSQ bond for a 0.01 BTC trade is a lot but for 10 times 0.1 BTC trades its nothing. |
|
Ok. So then privacy is the main issue. As I see it, we have already made an implicit decission towards reputation and sacrificing privacy in several aspects. For example, for account signing. Let´s say you have an account with an age of 1237 days, how many users have that same account age within Bisq? What I mean is that maybe we should assume that setting up a bond necessarily implies a tradeoff in favour of reputation and detriment of privacy as older trades have to be considered for the bond. I would add also, that if I put myself into the point of view of a thief I will tend to assume anyway that those with higher reputation, no matter which reputation system and how private it is, are more likely to have more money than those users with lower reputation. |
Why does that matter? This isn't a security feature, it's more of an indication that the person is not a newbie and is serious about trading on Bisq. The usual security features of each trade, as well as the dispute resolution methods, are not affected by this proposal. |
I think that what @wiz is saying here is more than fair. If trading limits are not lifted early because of having a high Bond score, this proposal has no problem at all. The discussion has evolved outside of the scope of this proposal into the "off-chain trade protocol". I still think that the discussion is necessary but maybe this is not the place because implementing this as @wiz has suggested does not give any false sense of security, it is useful on itself, and it could provide very valuable feedback for the off-chain trade protocol. |
|
To be clear, this proposal literally does nothing except display some stars next to offers if the maker has a bond posted. That's all, purely informational in nature and no security of any trade is affected. |
No, the main issue is that it gives a wrong signal and is potentially harmful. What is the goal of the bond? To indicate that you can trust the other trader to not be a scammer, right?
For bank chargeback I think the only real threat is the "stolen bank account" scam as we had in April. "Friendly chargeback" (calling bank to make a chargback) happens super rarely and the banking system prevents enough that this will not become a systemic problem (you cannot repeat that scam otherwise your bank will make you problems, in most countries/banks you require some evidence like a police report for a severe reason). For the "stolen bank account" threat we have the account signing in place. What would be nice is to have additional ways to get lifted one's limit faster/easier. Does that proposal be able to be a candidate for that? Is that proposal good to protect sellers (as maker) from malicious buyers (as taker)? Is that proposal good to protect sellers (as taker) from malicious buyers (as maker)? I think as it shows that even we need to discuss that so much to make it clear (and only one reviewer - @MwithM - has seen the problem), it shows that this is dangerous to mislead traders in wrong assumptions of security. People would also misinterpret it to help in cases of "lazy" traders who could get punished by that - but that is impossoble as without clear evidence we cannot confiscate. But more importantly the scammer might have it easier to get traders as users would trust that bond, which is not covering at all parallel trades. |
People will interpret that information. And they will mis-interpret it as security feature and that will help a scammer. |
|
@chimp1984 What are you talking about? If you post a big long-term bond, you get a star next to your offer, that's the entire proposal. This proposal doesn't introduce any new security or privacy implications on trading on Bisq. It literally changes nothing. |
|
Just to make clear I NACK that proposal for above reasons. There still might be the valid use case for account age signing limit lift, but that requires more analysis. Additional to the above reasons there are more downsides which would require clear benefit to justify a trade-off.
|
I understand now @chimp1984 and @MwithM concerns about this proposal. Given that pending trades are not going to be tracked against the bond so the rating does not objectively provide more security, it can be counterproductive as users will interpret it as secure. Most users will just look at the stars without really knowing what is behind. Setting up a bond shows commitment, yes, but not necessarily commitment towards being honest. A scammer can use it to buy reputation if it is profitable for him. |
|
Bisq already has a reputation score system now and we use it all the time. Every time I trade with these people, my "score" for them gets incremented. My proposal is that if they have a bond posted, or if they are a regular contributor to Bisq, and they have opted-into advertising this fact, it would add a ★ badge on their avatar like the number is now. That is all I am proposing. There is no security or privacy risk. If you don't want to use it, then don't use this feature.
|
|
Additionally, we could implement this an advanced feature that's not enabled by default. In the settings, if you enable this feature, a popup would explain to the user that this is not a security feature, to prevent any mis-interpretation of what the ★ means, and @chimp1984 can decide the text for the popup message. |
|
I have followed the discussion and I think there is some merit to the proposal. The drawbacks seem to balance that out in favor of not going down this route though. I think the money would be better spent elsewhere. The main arguments against for me are:
|
|
Well, after lots of discussion it seems there are a lot of good arguments both for and against the proposal. The DAO stakeholders can vote on this proposal in Cycle 9. |
|
Rejected on DAO voting - Cycle 9 |
|
I had not seen this proposal before. It definitely has a lot of merit and I hope that after more discussion some version of it is brought forward again... I see a lot of potential for BSQ bonds to be used this way. Congrats @wiz I had no idea this was possible. I also like the "decentralized reputation" that repeated trades with the same counterparty creates. I personally use it to great effect. There should be some way to leverage that... |
|
Apparently, there are quiet a few Traders bonding for a reputation bond. Is there a specific reason why they do this? I mean, the bonded reputation in the DAO doesn't have a benefit (yet), right? |
|
I think a few have done it for the buy-bitcoin and buy-bsq channels on Keybase as these are small OTC transactions that take place with no security deposits. |
and others
Background
The Bisq DAO has a really cool but completely unused feature called Bonded Reputation. It allows you to lock-up any amount of BSQ for any amount of time, tied to your cryptographic identity. While the BSQ is locked up, anyone can make a DAO proposal to confiscate your BSQ bond, allowing you to stake BSQ for reputation. Contributors who perform bonded roles for the Bisq DAO have also locked up BSQ to stake their reputation.
Proposal
Calculate and display a 0 to 5 score rating for all traders, and display it next to all of their trade offers, next to their avatar. For example something like this:
☆☆☆☆☆ # user has <1X BSQ bonded or bond is for <1Y days
★★★☆☆ # user has >3X BSQ bonded and bond is for >3Y days
★★★★★ # user has >5X BSQ bonded and bond is for >5Y days
Parameters could be configured, for example:
X = 1000
Y = 30
Implementation
The score of 0 to 5 will be calculated from a blend of both the amount of BSQ and the lock time of the user's bond(s). Bonds which have less than 30 days of lock-time will be ignored.
The icon should indicate the maximum score if the user performs a bonded role for the DAO, since they are trusted by the DAO as a contributor.
Allow sorting the table by bonded reputation amounts/times, and make this the secondary sort order after price (i.e. if two offers have the same price, the bonded traders' offers would appear higher)
Add an option to disable or hide offers from users who have a Bonded Reputation Score less than X.
Display the Bonded Reputation Score to mediators and arbitrators during trade disputes.
Other use cases
In the event of certain network events, the user's Bonded Reputation Score could be used to prioritize their mailbox messages.
For risky payment methods, such as F2F cash trades, we could require minimum Reputation Scores to create offers for certain countries.
Probably lots of other use cases!
The text was updated successfully, but these errors were encountered: