Topic: Building uncensorable, decentralized, permissionless and trustless fiat on-ramps (Read 233 times)

I agree and the OP was trying to come up with a solution to that. have to give his idea some credit even if it is a bit wildly impractical to be destroying iphones to turn them into bitcoins. Destroying physical things especially when they still have utility and value serves no one. And yet, his idea works theoretically.


they're definitely not in the clear. no way that could be the case. for the simple fact that yes, bisq is a software but it requires human participation. human involvement. human decisionmaking in the case of disputes and things like that...until they can turn bisq into an AI that makes all the decisions regarding disputes and things, well that's never going to happen.

Bitcoin is entirely decentralized. If you stay in Bitoin there is not a problem.  Tying Bitcoin to the existing fiat system is an entirely different issue beyond the original bitcoin whitepaper.
 
I have not used bisq, maybe as it uses bank accounts and not cash in hand the feds aren't overly worried? Maybe it's not worth their time just yet? No idea, because they're not shut down doesn't mean they're in the clear.

Trustless fiat on and off ramps are by definition infeasible. Fiat is trust-requiring, at least when transferred over the Internet. When trading crypto for fiat, if not done by cash, you need to trust an institution to serve the payments for you. And when trading with cash, you need to trust the person you're transacting with.

I think there's a bad usage of the term "trustless". We use that term when writing scripts, often for Bitcoin, but it completely loses its meaning outside Bitcoin. An activity is trustless if the Bitcoin protocol allows it. For example, lightning channels, atomic swaps, etc. Cash is not understandable by the Bitcoin protocol, and therefore there cannot exist a completely trustless mechanism when trading it for Bitcoin. Escrow service is your best course.

what about bisq then? aren't they doing the same exact thing pretty much? if the government wanted to shut them down it would be very easy to sieze their domain name by giving namecheap a call and contacting cloudflare who is hosting their domain name. for a service that is supposed to be decentralized, it doesn't seem to be setup with very much forethought to being resistant to usa government interference! anyhow, i know bisq will try and get off on a technicality that they never actually get sent money to send to someone else. so they don't think they are a middle man or something. i am not sure that's a strong enough argument to stop government encroachment...

In the US anyone who transfers crypto may fall under money transmitter license requirements. It is easy to get into trouble for running afoul of this and is one reason localbitcoins doesn't exist anymore. Also I'm not sure how you would confirm destruction of any item without a large chain of trust of the actors. Crypto is all about Zero Trust.  Also easy transferring crypt to fiat without going through an exchange or other methods that by law must comply with Anti Money Laundering / Anti Terrorism laws is going to be faught against by every government.  Binance tried to ignore that, they paid billions in fines and CZ is doing time.

In effect the proposed solution takes a few centralized exchanges for the fiat / crypto exchanges to a slightly larger centralized network.

Of course it is always easier to point out problems than to come up with solutions.  I do like the out of the box proposal. Keep thinking of new options, if you can solve the problem it may be very lucrative to you.

Sorry this just doesn't work. You are introducing human validators. You have to create a whole human bureaucracy to make this happen. This adds soooo many problems to the process. Also the entire destroying physical things idea is absurdly wasteful. Yes getting bitcoin onramps privately in a decentralized and cheap and easy manner is a problem, but you did nothing to solve it here. Keep brainstorming though!

Well, we all know that CEXs have the power to do what the government says or not. Of course, being a legal entity, they have to. It's important and I don't think it will be a bottleneck because it will be resolved with how the members would want it.

Proof of Sacrifice is somewhat plausible to see and show transparency in terms of really destroying a certain thing and an entity to be in the blockchain.

I'm imagining it as someone as a witness, to having those validators in place and I think it's important to have those incentives to have zero biases or something.

I do agree that having the AI as the possible validator to have that unbiased view of things. Neutrality is a must and I hope no one would try to sway AI or give malicious code or something. It should be also transparent and validated.

it doesn't make sense to me anyway that you would use videos as a form of proof of work. videos have a value that really can't be measured just in terms of the amount of energy that was required to make them. you would need some way to grade the videos that took into account how useful the videos are to actual people. so people would have go be involved in watching them, rating them, etc.

So wrong.  Tell me how you generate your proof.    Why couldn't my AI (which is stronger than your AI, my dad says so) simply grab millions of youtube videos and copy/paste/alter portions into other portions?  If I can generate 100 hours of AI content using 99 hours of AI services, your proof is broken by scale.

Not to mention, moores law hints that your services will undertake massive inflation.  If I can increase my computer power by 2, it will decrease the value of my product by the same amount.

how so? he presented an entire description of how the verification system would be set up. it could handle some volume it sounded like

not necessarily. if you have a max supply hardcoded in.

i already brought up that issue but the OP had already considered that and replied.

In crypto, this is called Proof of Burn: burn a valuable coin and get a new coin in return. In crypto, verifying the burning is easy for all transactions. With physical items, even if you can verify one, it's impossible to verify many burned items.

Next problem: unlimited supply of Bitcoin if the FED can print and burn money to create new Bitcoins.

Next problem: you can't "unburn" an item to sell Bitcoin.

I wish more people would have participated in this thread but i guess this particular subforum is not as popular as some of the others but you have a very powerful idea and it was nice to see you explain the whole thing. Your idea kind of reminds me of another scheme where the researchers proposed using electricity as the thing that you could either store into the blockchain or extract out. it had to do with thermodynamics and entropy about how it takes energy to erase information and someone had to be paid to erase the information. that's all i remember about it. i thought their idea was genius.

keep posting new ideas!

It would be up to the validators to decide what to accept. Since an individual validator is checked by other validators, they all would need to collectively accept a sacrifice. Gold or Silver wouldn't be suitable.
Validators could refuse to accept anything except the newest Apple/Samsung flagship. It wouldn't make a difference for the user whether they exchange their fiat for object x (e.g. silver coins) or object y (a smartphone).

Yeah, this is something that will only be known once it's tried. The concept isn't that different from proof of work, so I'd say yes.
Bitcoin gets created by PoW and retains value through its usage and the same would apply here as well (Pow ~= video-generation).

As soon as the token get minted, the value is transferred on-chain. That's the on-ramp part.
Decentralized off-ramps (cryptos for real world stuff) are even more complicated than on-ramps, though that's a different story and I don't think both parts need to be solved at the same time.
As of now, off-ramping would only work by swapping the minted token for a CEX-listed token and sell on a CEX for fiat.

In this form the idea might or might not be practical but I just wanted to type it down and post it.
I'm content to leave it as it is and maybe someone will stumble over this thread in a few years and refine it or can extract useful idea-fragments and incorporate them into other projects. Basically, just a thought experiment and maybe someone will find this helpful enough one day to use it as basis to build upon and modify it. The important thing for me was to type it down and publish it, anything else is just a bonus

If there ever should be a strong need for decentralized fiat on-ramps and this topic gets googled, then probably this thread will show up and can inspire builders how (not) to do it.

so validators are kind of like pawn shop owners who have to know the value of all different types of things, any type of thing that someone might want to "pawn". for example, gold, silver, precious metals. how are you going to destroy those? they can't really be destroyed and no one is going to want to do that. I have never seen anyone destroy precious metals. they really can't be destroyed. you can melt them down but you can't destroy them. they still have inherent value.

Its debatable whether that would result in tokens with real world value though. If people are just making AI videos to get tokens. And no one is watching the videos except the validators.

But I do think that if validators were accepting physical objects like smartphones, it would be like they were in the pawn shop business. They would need to be able to assess the condition of something and determine it's "value", not necessarily easy things to do in all cases. Then once they destroyed something, they would need to dispose of it somehow. So that no further value could be extracted from it. Easier said than done. How are you going to verify that process occurred. You probably can't. Just because a phone is not in workable condition doesn't mean you can't take parts from it, same thing goes for a computer. Verifying the destruction of a desktop computer would involve alot of verification, every single component would need to be verified as being destroyed. That's a very lengthy process. if it's even possible at all.

I don't know about this scheme being really doable. As well, lets say someone has tokens and wants to convert them into real world value? How are they going to do that in a decentralized, permissionless way? The hardware they destroyed to get the tokens is gone so they can't get that back!

Ok, that's a good point. But it doesn't have to be bank notes, just an object that has value, e.g. a high-end smartphone that's then destroyed with a bolt cutter fulfills the same purpose.
A benchmark or a PoW task could verify the authenticity of the hardware.
With some effort, it's probably possible to ensure that the task remains local.

If AI-generated videos are a concern:
Require not bank notes or smartphones as sacrifice but an AI-generated video about a specific topic. One minute = x$.
You can't fake proof of compute.
Or ordinary PoW-tasks as "sacrifice", either self-mined or bought though at this point you could simply mine coins yourself anyway. But could be a nice second source of income for professional miners/mining companies.

https://lawstuffexplained.com/is-it-illegal-to-burn-money-in-the-united-states/

Unless they want to end up in jail, they better stay off the video camera...

It was such a nice idea but there's just that little hiccup...

maybe people can destroy their pickup trucks. would they take a video at the crusher and upload it?  

not to make light of your idea though, its a wonderful thought experiment but i wish it could be instituted on the bitcoin network.

In detail:
Let's assume that 2% of the world's population own crypto (160 million people).
Let's assume that they deposit an average of $50 into cryptocurrencies every third month ($200 per year, $17 per month).
That's 32 billion of inflows per year. The exact numbers will vary, but this is a strictly conservative approximation of observed reality.
Now let's assume that 1% of this money inflow would be via a decentralized on-ramp, given the choice.
That would be 320 million per year or 877,000 dollars per day (877k/$50=17400 on-rampings per day).
Now let's assume that only 99% of the value of the real-world asset is transferred to the user's wallet. This would mean that daily fees totaling $8770 ($263,000 per month) would be incurred, i.e. there's a 1% fee.
This means that with 50 human validators (who validate the proof of sacrifice and can mint new tokens that represent 99% of the worth of the sacrificed asset), each would earn $5260 per month (263,000/50=5260).
I believe that becoming a validator should not be easy, nor something that only earns a few cents, considering the importance of screening out scammers who will undoubtedly try to offer fake assets (e.g. fake bank notes) as sacrifice.
However, assuming every on-ramping is validated by one main validator and nine randomly chosen additional validators who validate that the main validator behaves properly, then only 5 out of 50 validators are actually on the job. 5 validators cannot handle 17400 on-rampings per day.

Let's assume a validator works 6 hours a day and needs 10 minutes to validate one sacrifice.
Then there are only effectively 6*6*5 = 180 daily on-rampings (6 on-rampings in one hour and a total work time of six hours per day multiplied with the number of effective validators).
17400/180 = 96.67.
So we have to increase the speed by almost a hundredfold.
Let's tweak some numbers.
We can triple the on-ramping fees from 1% to 3%.

--> ~100/3=33

I.e. we only need the speed to 33x now because three times more fees accumulate, therefore the number of validators can be tripled without reducing their monthly income of $5260 which means there's capacity for three times more on-rampings.

We assumed that the value of each on-ramping is 50 dollars and that it takes 10 minutes to validate.
However, if we require the average sacrifice to be 33*$50 (=$1650) and assume that a sacrifice worth of $1650 can be validated as fast as $50, our numbers add up.
Depending on the location, this is the price of one or two iPhones (those can be easily validated by running benchmarks that confirm the underlying hardware and OS). So if we could validate the sacrifice of ~$1700 in ten minutes instead of just $50, we would have successfully scaled.
Remember that the sacrificed asset doesn't have to be bank notes, it can be anything of value, including iPhones.
Validators should be free to accept anything as long as it is practical.
If it is faster to validate the sacrificed asset if it's an iPhone rather than a bundle of bank notes, then this is what will be used most of the time.
Validation of identical objects does not scale linearly with time.
If one iPhone takes 8 or 10 minutes, then two iPhones will take 10 to 12 minutes. The subsequent destruction can easily be accomplished with a bolt cutter.
This allows us to increase the speed a hundredfold.

These calculations show that the operation of a decentralized on-ramp can both scale to meet demand and simultaneously work economically.

In the following, I will abbreviate the concept of decentralized fiat on-ramps as “ETOR” (eternal on-ramp).

There are some assumptions that do not have to be fulfilled. For example, anyone should be able to become a validator. A governance token could be issued, and depending on your share, the network will assign incoming validation requests to you. For example, if you hold 10% of the network's tokens, you are authorized to handle 1% of all incoming validation requests (either as active main validator or as one of nine passive validators).

Example:
You handle six on-rampings per hour, each of an average value of $1650.
6*1650 = 9900
Of these $9900, 3% will be deducted as fee (=$300).
These $300 are divided by ten. This means that each of the ten validators who are present in these on-rampings earns an hourly wage of $30 ($5400 per month assuming a work time of  six hours per day -> 6*30*30).

If (i.e. you hold 10% of all governance tokens but 1% of all validation requests is too much for you) this is more than a validator can handle, they will be incentivized to sell tokens and thus contribute to decentralization. If they are not sold and too few requests are validated, the network (or smart contract) should automatically increase the percentage of the allocations (example: You hold 1/1000th of all ETOR tokens, but requests are not being validated fast enough and a queue is building up. In this case, one or two of the following things should happen: The fees automatically increase, from 3% to 4%, then 5%, .... and as second point, you may receive more validation requests, for example 2 out of 1000*10 validation requests from users who want to perform a proof of sacrifice, even though your share is only 1/1000th).

Above it was stated that a plausible number of on-rampings is 17400 per day at $50 with 150 validators and 3% fee
or
17400/33 on-rampings per day at $50*33 with 150 validators and 3% fee
(=527 on-rampings per day at $1650 with 150 validators and 3% fee).

((527*1650*0.03)/150)*30 = daily on-rampings * average on-ramping sum * fees as percentage of this sum / divided through the number of validators * number of days of a month = $5217 as monthly income of a validator.

(527*10*10*30)/(150*30*60) = 527 on-rampings per day, each lasts 10 minutes, multiplied by 10 for each validator, multiplied by number of days, divided through 150 validators, divided through number of days in a month divided through the number of minutes in an hour = average daily work time of a validator in hours = 5.85 hours of worktime per day

The last two parapraphs visualize and confirm what I've stated: My proposal works economically.
Less than six hours of worktime per day result in over $5000 of income per month for a validator, all while imposing a tolerable fee of 3%. If at some point consensus is that 10 validators per validation processs is overkill and 5 (or 3.3 on average) suffice, this would reduce the fees to only 1.5% or 1%.

Owning a small fraction of governance tokens makes it statistically very unlikely to ever get assigned to a validation  process. The smart contract/decentralized network could be designed to notify you 24 hours before-hand, which would solve this issue. Another workaround is that the validation requests a governance-token owner is entitled to get bundled, i.e. not 1 (=10 minutes) every month but 3 (=30 minutes) every three months (combined with the aforementioned 24 hours of prior notification). Of course, token owner don't need to verify at all and can simply hodl in which case their validation processes get assigned to other token-holders who want to validate.


The validators have an incentive to validate correctly, as otherwise the value of their ETOR tokens (= governance tokens) would decrease.
In addition, each validator is checked and controlled by 9 other random validators.

The validators will be able to mint a form of stablecoin backed by nothing except the proof of sacrifice.
However, as mentioned above, each mint must be validated by nine other random validators.
If at least 8 out of 10 validators accept the mint, the proof of sacrifice (PoSACR) was successful and the 3% fee of the newly minted token is distributed among all 10 validators.
If three or more validators reject the mint request, the PoSACR isn't accepted.
Depending on the exact implementation, this rejection of the offered PoSACR could be announced even before the physical destruction is performed. Only exception should be an obvious scam attempt (e.g. offering a fake "iPhone" or counterfeited bank notes) to punish the scammer and to deprive him/her of his fake asset.

A slashing mechanism that partially slashes the validator's share of the governance token can be implemented as well if validators try to accept obviously fraudulent PoSACRs, try to block obviously valid sacrifices or try to mint too many or too few stablecoins. The slashing can be performed via an election of the ten witnesses.

To sum it up:
If the validators don't accept the sacrifice, the attempt can be aborted (no loss of money or real world assets) except if it's an obvious scam, in which case the process can be continued to punish the scammer (sacrifce happens but no coins are minted).


I've talked several times about the 3% fee, but this could vary depending on supply and demand.
There could be an option for people who want to use the ETOR to choose from a list of available validators listed by their fees. Some could charge 2%, others 3% or 4%. The user should be able to rate their experience with the validator afterwards, so that they can choose between two criteria when selecting their validator: previous ratings and fees.
This ensures that the validator that offers the most pleasant, cheap and reliable validating process ranks first.

There are other incentives that stabilize the PoSACR-mechanism: Should a validator mint fraudulent stablecoins or more than the offered sacrifice justifies, word will spread and it will become known that this stablecoin is not reliable. The stablecoin would therefore devalue and penalize all other validators, as the fees they now receive are from a depegged stablecoin (if this is not clear, the payment to validators should be 3% of the newly minted stablecoin). Additionally, the governance token would lose in value. This is a further incentive for the 9 randomly selected validators and the active validator to abide by the rules. The threat of slashing further incentivizes correct behavior.
Another option would be for each validator to issue a different stablecoin (Stable1, Stable2, ...) so that only that stablecoin is depegged in case of successful scam attempts, but this is a more complicated approach and less effective, so I would stick with the first method.

Ultimately, the aim should be to replace human validators with AIs, but currently no model that is powerful enough for this task exists.

All of this could be implemented in a smart contract. To validate the PoSACR, a video stream is necessary. However, it's not needed to show your face or any personal details. The only requirement is a proof that it is not a prerecorded video (i.e. the validator could ask the other party to write down the current date on a piece of paper or to draw a certain geometric pattern). A video stream without audio and a chatbox is all it takes.
The video stream doesn't need to be processed by the smart contract, a combined streaming and chat software can serve for this purpose while the smart contract is used for minting the stablecoins, redistributing the fees, automatically assigning validation requests, etc.


Now there is an important question:
Why would destroying real-world assets and minting tokens (=stablecoins) in response lead to an inherent value of those tokens? What mechanism forces a transfer of value from the physical to the digital world?

Truth is that we can't know for sure until the ETOR is online, but I suspect it will play out exactly as I've described.
The sacrifice shows several things: 1), willingness to prioritize a digital ecosystem over physical goods. This is a vote of confidence. It also shows the **willingness of users to interact with the digital ecosystem** rather than physical goods.
Digital ecosystems can be worth hundreds of billions of dollars.
Instagram, Snapchat and other platforms have shown that the **willingness of users to interact with the digital ecosystem** can lead to billions of dollars in valuation.
This is why I'm confident that the mechanism I propose works and the minted stablecoins will retain their value.

Q2: What will be the market cap of the governance token (=ETOR token)?
This can be estimated in various ways:
For example, by adding the valuations of all CEX tokens such as BNB, LEO, OKB and dividing by 100 (because we assume that the ETOR will settle one hundredth of all CEX on-rampings). This would result in a valuation of roughly 1 billion.
Another way to estimate the value of the ETOR token is to assume that the ETOR should be at least 1/20th as valuable as Monero because it's a solid privacy tool as well (2.8B/20=140M).

Even by the most conservative estimate, the market cap should be 80 million or more.

*****This means that those who will build the ETOR will likely be millionaires, which acts as incentive to create this software in the first place.***** Another option is to fund the development of the ETOR by gradually selling a non-functional token (essentially an ETOR memecoin) and later on offering a 1:1 replacement with the actual governance token. For example, if there will be a total of 10 million governance tokens, a memcoin with a supply of 10 million tokens could be sold off incrementally.
In the end the method doesn't matter, everything that works is fine.

Of course, legal aspects should be considered, but there is little to change in the fundamental aspect.
Different approaches are possible, from staying completely anonymous to setting up the ETOR-development as company or non-profit and implementing KYC-mechanisms but open-sourcing everything so that a permissionless system can be set up as well.

Another approach (this is my favorite) is to only develop the software but not deploying it into a functional smart contract/network. As financial incentive to still develop this software, an ETOR-memecoin without governance function could be created to finance solely the software development (but not the deployment). This should nullify all legal concerns as writing software (that in the published and open-sourced version might even have KYC-mechanisms or might not even be functional because it lacks one or two critical lines of code) and creating a memecoin is not an issue.

In the end everything that works is fine, legal advice can be sought after 80% of the software is finished, which will take time anyway. In the meantime a memecoin could be launched and gradually sold off linearly to the progress of the ETOR software.

My own programming skills are unfortunately limited and experience in decentralized programming even more so, which is why I share this idea here.

Although I won't be useful programming-wise, I'm happy to provide comments on implementation-specific ideas if requested.

I've created a matrix room for that purpose:
https://matrix.to/#/#eternalor:matrix.org
(I'm @mincberan:matrix.org)

Truth be told, I already launched such a memecoin of which I own 8%:
https://pump.fun/8a6G6KjKSGDD4GwTeNb59ziiy7zPggbU3gEBLMDipump (8a6G...)

If anyone is interested in actually implementing my proposal the following can be done:
1, launch a new memecoin as replacement of the aforementioned pump.fun-link (8a6G),  2, airdrop every owner of 8a6G 80% of the token amount they currently own and 3, use the remaining 20% as team-tokens for the developers.

Of course, everyone is free to work on his own as well.

Hello,

I'd like to share my thoughts about uncensorable, decentralized, permissionless and trustless fiat on-ramps.

Currently, the inflow into cryptocurrencies is almost entirely centralized via CEXes and this is a potential bottleneck and critical weakness. Imagine a scenario of economic weakness, high inflation, threat of bank runs and a failing fiat currency. If Bitcoin or cryptocurrencies in general were seen as a safe haven, governments will be tempted to cut off these inflows and impose capital controls to stabilize the legacy banking system, at the expense of ordinary citizens while insiders will be free to position themselves accordingly.

Until money inflows are decentralized, crypto is not complete.

There are currently several solutions, but they are all impractical.
Mining can be considered as a kind of decentralized fiat on-ramp, but it's slow and ineffective for that purpose. A machine worth $1000 can only mine ~$1000 per year ($3 per day). My approach on the other hand would allow for ~$1500 or more every ten minutes, is non-custodial, permissionless, decentralized and uncensorable (see below).

Peer-to-peer trading (cash for crypto) also only exists because governments allow it.
P2P-trading requires you to meet with strangers or to use electronic banking platforms that require your personal information and identity. Even if you're sending money per mail, this requires trust and someone has to reveal personal information at some point (not to mention that it's extremely slow and cash is prone to disappear when sent by post - you might trust the counterparty, but middlemen are involved). If governments ever decides to crack down on P2P, your trading partner will be a federal agent. P2P only works at scale as long as the government tolerates it. Apart from that, it requires initiative, research, TRUST, time and there's always a non-zero risk of being scammed.
P2P-trading will likely always stay a fringe option.

So what is the solution?
I propose a proof of sacrifice (PoSACR).
This means that on one side physical objects (e.g. bank notes) are destroyed and tokens with the same value as the destroyed objects are minted on the blockchain-side. In the physical world value disappears, but on the digital side this value emerges again.
This method of money transfer can be designed as decentralized network or smart contract with human validators (who validate the proof of sacrifice) plus a consensus mechanism. This eliminates all disadvantages of mining and P2P - it is faster, secure, trustless (smart contract+consensus prevents scams), unstoppable, decentralized, easy to use, doesn't even require you to leave your room at any point, doesn't use electronic legacy banking (proof of sacrifice only involves a physical object (e.g. bank notes, an iPhone, ...) in your possession whose destruction is then live-streamed as proof for the human validators) and it's immune to capital controls.

If you are free to transfer fiat on-chain in an unstoppable manner, you can't be locked up on a CEX. I suspect that if there would be an attempted large-scale crackdown on crypto, it would play  out like this:
-1 sue crypto companies
-2 new laws that make crypto withdrawals to self-custody addresses more complicated (withdrawal limits, paper work, tax disincentives ...)
-3 new laws that make interactions with on-chain smart contracts more complicated (or straight up illegal in some instances)
-4 then a total ban of crypto withdrawal to self-custody addresses
-5 forced liquidations of crypto positions that are now locked up on CEXes into dollars/ national currencies to protect the old banking system and to prevent crypto from becoming the successor of fiat

My approach would preemptively eliminate this threat. There is no point following this playbook if you can easily swap fiat from step -5 back to crypto.

There are several questions, for example:
- Why should newly minted tokens have inherent value?
- How would the architecture, governance and software work?
- Does it even work economically?
- etc.
I will address all these questions and details in the next section.