Pages:
Author

Topic: GLBSE owners lied to us. How to move forward and fix this? Move to Exchange X? - page 2. (Read 7485 times)

legendary
Activity: 980
Merit: 1040
BFL does not abide to law, its illegal to take order for a product that will knowingly not be delivered within 30days (even if they state so) AND its illegal to accept pre-orders for a non-ready-to-sell product (ie fund development/manufacturing with pre-order money)

Link please?
It seems to violate Paypal TOS, but that doesnt make it illegal, nor does it expose customers to extra risk, quite the contrary.
hero member
Activity: 658
Merit: 500
How about getting some legal advice first? The problem isnt one of technology, the problem is that people seem to think  because its related to bitcoin, laws somehow dont apply. Thats horseshit.  If you want a credible and lasting alternative to GLBSE, you will need to operate within the confines of the law, like MtGox does, like Tangible Cryptography does, like Butterfly Labs does.

Operating legally may or may not be feasible for a security exchange, but its the first thing you should focus on. If you want to do a truly anonymous underground and illegal site like Silk Road, its doomed from the start. If you thought GLBSE was a scammer heaven, imagine a silk road like alternative.
BFL does not abide to law, its illegal to take order for a product that will knowingly not be delivered within 30days (even if they state so) AND its illegal to accept pre-orders for a non-ready-to-sell product (ie fund development/manufacturing with pre-order money)
legendary
Activity: 910
Merit: 1000
Quality Printing Services by Federal Reserve Bank
I spent some time with OT and the Moneychanger client.
Good news is, that someone (in IRC) is seriously considering to set up multiple servers for serious use.

It has potential to become a good alternative but at the moment it takes some serious effort to get it up and running. Documentation how to actually use it is nonexisting.

Getting the client (and server) running needs a good step-by-step How To.
In IRC, we actually walked trough the whole process of getting the client up and running - setting up the first user, "opening" currency and securities trading accounts and even transferring few devcoins between users (nyms?).

I personally thing that OT/Moneychanger is getting ready to be tested not only by programmers/hackers/nerds, but people with real world trading and business experience. If they can not use it for actual business, then what's the point? Smiley  the whole project will be just another fun waste of time experiment and that's it.

Do we have any other alternatives you like to recommend?
legendary
Activity: 2940
Merit: 1090
In some ways it is like MPEX. Every communication between client and server is encrypted from one identity to another identity, just it uses openssl instead of PGP to do that. It is still public key private key style encryption.

This means you always have signed proof of your balance and it also means that the only way your balance can change is if you sign acceptance of the change.

Unlike MPEX all that signing is somewhat hidden, since you don't use a web browser you use a client that knows to do all this signing and the decrypting of the replies and so on.

Sure you could just chat with someone on IRC and agree they will give you a share if you send them bitcoins, but when you do that where are the crypto-signed receipts and agreements showing exactly what you agreed to and that you both agreed?

-MarkM-
legendary
Activity: 1680
Merit: 1035
I think I'm finally starting to understand what the heck OT is, though it still seems a bit cumbersome. I guess with OT, an issuing company would be able to set up its own OT server, and issue shares through that, thus maintaining control of those shares, knowing who has them, and where they were traded to? Or would the shares be freely traded among all OT servers, with the issuer loosing track as soon as the shares get traded on another OT server?

Also, is there anything to prevent someone from issuing identical fake shares on another OT server?

Try reading, you are repeating questions already asked and answered.

Sorry, I have been, but it's been a combination of both, the OT descriptions being rather vague/high-level, and my just having a hard time wrapping my head around them (my own limits). I'm still stuck in the simple idea of "I have a coin/dollar, I send it to you, now you have it, done," and OT seems to offer WAY more complex options (though, in part, I'm also still having trouble figuring out WHY we need those options)
legendary
Activity: 2940
Merit: 1090
I think I'm finally starting to understand what the heck OT is, though it still seems a bit cumbersome. I guess with OT, an issuing company would be able to set up its own OT server, and issue shares through that, thus maintaining control of those shares, knowing who has them, and where they were traded to? Or would the shares be freely traded among all OT servers, with the issuer loosing track as soon as the shares get traded on another OT server?

Also, is there anything to prevent someone from issuing identical fake shares on another OT server?

Try reading, you are repeating questions already asked and answered.

As for identical, that implies identical hash, which implies identical signature, implying they are not fake in fact at all (or the issuer gave someone else their identity.)

-MarkM-
legendary
Activity: 1680
Merit: 1035
I think I'm finally starting to understand what the heck OT is, though it still seems a bit cumbersome. I guess with OT, an issuing company would be able to set up its own OT server, and issue shares through that, thus maintaining control of those shares, knowing who has them, and where they were traded to? Or would the shares be freely traded among all OT servers, with the issuer loosing track as soon as the shares get traded on another OT server?

Also, is there anything to prevent someone from issuing identical fake shares on another OT server?
legendary
Activity: 2940
Merit: 1090
No it is not disitributed, though it is possible the audit system could end up using a distributed hash table.

It is decentralised, in the sense that there can be millions of servers and anyone can choose which servers to issue assets on (among servers willing to accept the possibly huge liabilities involved in allowing third parties to issue assets) or can run a server of their own.

Also FellowTraveler has always planned that once good reliable code for doing multi-signature transactions on the blockchain he will implement some system whereby a whole bunch of servers could all co-operate to control bitcoins so that bitcoins can only be moved if a majority of the involved servers agree how many to move and where to move them to.

Since you don't have to trust the server, you can always just move to another one at any time, and which server you use should not be very important, if one gets killed just fire up another.

-MarkM-
legendary
Activity: 1106
Merit: 1006
Lead Blockchain Developer
By cross-site I meant server to server.  Eg: webserver to webserver instead of OT server to OT server.  And yes, such a cross-site functionality would require the cryptographic layers necessary to be able to trust one another.

Not saying it's simple or trying to downplay OT.  I'm trying to understand OT.  My initial impression was incorrect -- initially I thought it was like bitcoind, where it was distributed and any asset (coins on bitcoind) can be traded about the network without limitation.

Cheers.

legendary
Activity: 2940
Merit: 1090
I don't understand what cross-site has to do with anything?

You trade on one site. Anything cross-site is over the counter, a gentleperson's agreement that if you give me some of X on server Y then I will give you some of A on server B.

What you need to be at all similar to Open Transactions is what would also make you similar to MPEX: cryptographically proven notarised balances, transactions, identities.

-MarkM-
legendary
Activity: 1106
Merit: 1006
Lead Blockchain Developer
That all makes much more sense.

Sounds like OT is the rough equivalent of what would happen if I open sourced LTC-GLOBAL and built in a cross-site trading module?
legendary
Activity: 2940
Merit: 1090
First, your nym would have to be used to issue some number of your asset on each of the three servers A, B and C.

Those issued on A remain on A, those issued on B remain on B, those issued on C remain on C.

Someone wanting to buy one from someone on A needs to either trade something on A for it, or convince the seller to open an account also on B or C so they can give them something on B or C in exchange for the asset on A.

No assets move from server to server, you don't ship grams of gold for example from server to server, you only create that illusion by accepting back from someone a gram on A in return for giving them possession of a gram on C.

GIven fungible assets, the illusion holds that they "moved" their balance of one gram of gold from one server to another. It never moved, they simply traded their gram on one server for a different, but by fungibility "equivalent" gram elsewhere.

If you refuse to issue on B and C then tough, they are stuck on A.

If A goes down, you go issue somewhere else, and since everyone has notarised receipts from A asserting their balance is such and such, they have proof. Though I suppose they could try to cheat by not turning in their latest receipt that reflects the fact they sold some lowering their balance, and instead turn in some out of date receipt from back when they had a large balance.

That is where the audit stuff is intended to come in. You will have complete receipts, posted live to a distributed storage such as a hash table or a p2p file sharing network or whatever, of every receipt they were ever sent relating to your asset.

It does sound like this audit thing will be useful to you when a server crumbles/vanishes so you might well find it useful to issue a bounty to expedite it.

Then again maybe if you make sure you put your server on a machine you physically have custody of you won't need to worry for a while about it flying by night under you.

-MarkM-
legendary
Activity: 1106
Merit: 1006
Lead Blockchain Developer
Huh? I just told you that you can simply grab directly from your server's disk files who owns how much of what.

That also means it is very likely just a matter of a little bit of script writing to write an OT-script to go get that information for you.

ALso that a server operator other thatn yourself could offer to provide that information to you from their own server.

Etc.

The information is there. If you want to print it or email ot or add it or subtract it or whatever go ahead and do so, its not rocket science.

Its like, for nym in nyms do blah blah blah kind of simplicity.

-MarkM-


I apologize.  I was under the impression that your assets could be traded off of your server, to another server, to another server, to another server, etc?  With little to no audit trail?

Example 1: Asset trades from server A to server B to server C.  Server B goes permanently offline.
Example 2: Asset trades from server A to server B to server C.  Server C goes permanently offline.

In those situations, where does an issuer (who issued from server A) get the report of where all their shares are being held?

If I'm mistaken I should probably read through the docs before I make too much of an ass of myself.  I couldn't find anything about the audit trail doing a cursory google search.


legendary
Activity: 2940
Merit: 1090
Huh? I just told you that you can simply grab directly from your server's disk files who owns how much of what.

That also means it is very likely just a matter of a little bit of script writing to write an OT-script to go get that information for you.

Also that a server operator other than yourself could offer to provide that information to you from their own server.

Etc.

The information is there. If you want to print it or email it or add it or subtract it or whatever go ahead and do so, its not rocket science.

Its like, for nym in nyms do blah blah blah kind of simplicity.

-MarkM-
legendary
Activity: 1106
Merit: 1006
Lead Blockchain Developer
But no, apparently that is not how markets are meant to work. You do not get to know who bought what you sold.

This is not correct.

Yes, people using the NYSE can exchange stocks with other users on the NYSE without restriction.

NO, A company CANNOT operate without knowing exactly who their stockholders are.  The NYSE knows at all times exactly who holds what stocks, and provides that information to the companies listed on the NYSE.

I think I have what I needed.  OT as it is currently designed is flawed in ways that make it impossible for legit (legal) asset issuers to utilize it in any meaningful way.  I have high hopes though for future iterations!

Cheers.
legendary
Activity: 2940
Merit: 1090
Open Transactions is not about establishing trustworthiness of asset issuers, it is about not having to trust the server / server-operator.

Your assets only trade where you issue them. Of course people could create assets elsewhere claiming to be pass-through or proxy or whatever of your assets but only the nym that signed the asset contract can issue the asset so your asset, as identified by the hash of its contract that you signed, cannot be issued on any server by anyone other than you (or whoever you gave a copy of your nym's private key to, which is functionally you since by you I merely mean the nym).

So if you don't want to have your asset traded on server X, simply do not issue it on server X.

If you want to know who holds your asset I suppose you could simply retain records of who you sell them to and refuse to aknowledge any purported change of ownership that you did not specifically approve. For example you could insist people sell them directly back to you and have you sell them on to the new owner so that your records will correctly reflect the new owner.

The proposed audit system though proposes to make all receipts available as they happen to the asset issuer, as for example via a distributed hash table or somesuch publicly available but crypted so only certain people can actually decrypt certain items in it (like, eash issuer the things they issue but not what others issue) so if you would like to start a bounty for getting the audit system expedited maybe it could be expedited maybe depending on the magnitude of the bounty. The purpose originally was so you can see that no more of your asset are in circulation than the number you issued. However as its receipts that will be stashed in the hash table presumably you will also be able to harvest the nyms of the recipients.

It seems to be part of the point of the "markets" that you do not know who the counterparty was in any trades on the markets.

A lot of my players objected that that too, as they wanted to pick and choose which offers to accept, not buying from enemies even at lower prices than offered by friends and stuff like that. (Consider for example that your enemy's armies might have pillaged your friend's nation to obtain the stuff they are selling off cheap.)

But no, apparently that is not how markets are meant to work. You do not get to know who bought what you sold.

Like bitcoin, the fact that nyms are pseudoynmous is purposeful, however the server provides no built in way to buy "usage tokens" so you could simply turn on "usage tokens" on your server and only give "usage tokens" to nyms whose fingerprints and DNA patterns you have on file...

That way you would know who each nym "really is", or at least whose fingerprints and DNA they sent in as "proof"; and as server operator you could scan the disk files directly to find out who owns how much of what.

-MarkM-
legendary
Activity: 1106
Merit: 1006
Lead Blockchain Developer
Thank you for the detailed responses.  Really appreciate it.

As an asset issuer is there some tool to contact all of the holders of my assets?  (legit assets will require this legally)

There is a message facility whereby one nym can send a message (in plaintext; it is not stored in encrypted form currently) to another.

So if you had access to the audit data the proposed audit system is expected to publish, you could send messages to those nyms that are shown to have traded your asset.

(Nyms are portable identities, so if the same nym was also present on another server you are also on you could message them there instead or also.)

Would that require having an account on all of the servers your assets have been traded to?  Or does the message automatically follow along the same path from server to server that your asset followed as it was traded?

Once an asset is issued on one server, can it then travel unfettered from server to server?  If it can hop from server to server, is there any way to locate it?

The asset contract can be imported to any server that lets you issue an asset there. Accounting for between-server transfers would currently be up to anyone who has accounts on both servers; they could agree "send me one AssetX on this server and I will send you one AssetX on that other server" for example. This is something the third parties who help people into and out of the markets will likely do in addition to selling people tokens for fiat and fiat for tokens.

As for "locating" assets, the GUI client has a list of your accounts, each account has an associated nym and server, so you can see what balances you have regardless of which servers your accounts are on.

I was referring to locating holders of assets you have issued.  There's lots of situations where that might be necessary, eg: if you issued assets requiring a forced buy back option.

Most of this is regulatory crud that is way beyond the actual lets keep track of balances and implement blinded anonymous cash tokens stuff that Open Transactions implements. It probably belongs in the audit processes stuff, which will be coming once we have the actual ability to reliably do something worth auditing down pat.

If you want KYC and AML etc why not just go with one of the existing banking systems (cyclos etc) and/or trading systems (cetera etc)?

Yes.  I want to (ultimately) legitimize asset trading using BTC.  Trying to figure out if that's possible with OT.  Without the ability to do the "regulatory crud" your audience becomes somewhat limited to just people that want to trade anonymously?  That makes it a little harder to establish trust in your Asset Issuer, which is imperative, as you mentioned before.

Cheers.
legendary
Activity: 2940
Merit: 1090
If an asset issuer can issue assets on unlimited servers, is there a way to track and consolidate that information?  Eg, I want to find out what all this asset issuer has issued, is there an easy way to do that?

Obviously not. If a text author can publish text on unlimited webservers, is there a way to track and consolidate that information?

Well I suppose there is Google, if they made sure their pages are legible (e.g. not hiding their text as an image and fuzzing it to make it hard for optical character recognition to read it etc).

So maybe if google could find you every Open Transactions server, including those on i2p and Tor (oops, tricky that), and then you bought usage tokens on all of them so you could go and interrogate their assets, even then if a person issued assets using different nyms (and thus, different asset-contracts) you could not tell they were issued by the same entity.

It is kind of a silly question really. Laundering / concealing has been going on a long time, you are not magically going to be better at tracking it than the FBI and Interpol and similar agencies.

YOU HAVE TO TRUST THE ISSUER. If you do not, do not buy what they issue.

Is there anything preventing an asset issuer from making thousands of issues under different credentials?

Same thing, different wording.

The server operator can disable creation of assets. That would prevent anyone issuing any assets at all, except for one nym the config file says can over-ride such restrictions. So unlimited issues/assets can be restricted to/by the server operator.

For example on my server, issuing of assets is turned off.

Does the tracking of the assets issued in the system give me the tools necessary to do research on the financial history of those assets?  (Eg: dividends, additional issues, company records, buybacks, etc)

Open Transactions is not based on history. The last receipt IS the balance, so no history is needed.

When the auditing stuff is added though, maybe anyone who wished to do so could archive all the audit data.

Also, come to think of it, the markets do have a "recernt trades" readout, I am not sure what they mean by recent, its possible they mean forever as in for all I know there might not be any code in place that removes old entries. Or maybe it has only so many entries. I don't know exactly how that is implemented.

Can I track assets traded by IP address or is there some other way of determining a unique origin?

Origin sounds like 'nym: the pseudonym that issued or transfered something. Like bitcoin addresses, they are unique but there is no need for any individual or entity to limit themself to only using one of them.

If you are running the hardware the software runs on you could log IP addresses that connect to the port the software listens to I suppose.

As an asset issuer is there some tool to contact all of the holders of my assets?  (legit assets will require this legally)

There is a message facility whereby one nym can send a message (in plaintext; it is not stored in encrypted form currently) to another.

So if you had access to the audit data the proposed audit system is expected to publish, you could send messages to those nyms that are shown to have traded your asset.

(Nyms are portable identities, so if the same nym was also present on another server you are also on you could message them there instead or also.)

Once an asset is issued on one server, can it then travel unfettered from server to server?  If it can hop from server to server, is there any way to locate it?

The asset contract can be imported to any server that lets you issue an asset there. Accounting for between-server transfers would currently be up to anyone who has accounts on both servers; they could agree "send me one AssetX on this server and I will send you one AssetX on that other server" for example. This is something the third parties who help people into and out of the markets will likely do in addition to selling people tokens for fiat and fiat for tokens.

As for "locating" assets, the GUI client has a list of your accounts, each account has an associated nym and server, so you can see what balances you have regardless of which servers your accounts are on.


I'm asking seriously, as those are all issues I'd need to address if I were to try to setup a legitimate exchange backed by OT.

Most of this is regulatory crud that is way beyond the actual lets keep track of balances and implement blinded anonymous cash tokens stuff that Open Transactions implements. It probably belongs in the audit processes stuff, which will be coming once we have the actual ability to reliably do something worth auditing down pat.

You could however set a loglevel on your server that details blow by blow everything the server does down to a level of detail you want, and use log-parsing and log-grepping etc type of tools to extract any information you want from the log.

Really the initial stages of development have been more about making reliable anonymous transacting without trust possible.

If you want KYC and AML etc why not just go with one of the existing banking systems (cyclos etc) and/or trading systems (cetera etc)?

-MarkM-
legendary
Activity: 1106
Merit: 1006
Lead Blockchain Developer
Quote
Hi! May I ask you if there is a way to obtain the list of my shareholders with an API call?

I want to have a hourly backup of that list, with an identifier like the email, the amount of shares and at what price (maybe weigthed average price)

Thanks.

See the "Account" page when logged into your asset issuer account.  You'll find a link in there to an API output formatted in JSON like so:

{"owners":{"[email protected]":"1","[email protected]":"260","[email protected]":"80", ... },"ticker":"LTC-MINING.LTC","_comment":"cached up to 10 minutes","generated":"2012-10-06T23:32:59+01:00"}

DO NOT, UNDER ANY CIRCUMSTANCES SHARE THAT URL.  It has a very long API key, but if you let that get compromised, people will be able to see who holds your security.

This was the last piece to the "What do I do if LTC-GLOBAL ceases operation?" puzzle.  From here on out, all asset issuers can download their list of asset holders in an automated fashion at regular intervals.

I have also added the time to the top of the pages.  The time displayed takes into account your Account Timezone setting.

Cheers.


Continuing beyond the death of the exchange should not be rocket science.  Smiley


Ok when it is possible to issue on several servers is there a way to synchronize this ?

Not sure what you mean.

If you want to issue 100 shares on one server and 200 on another and 300 on yet another that is purely up to you as issuer.

The current GUI client would let you see all three issuer accounts on your list of accounts, and on clicking on any of them you'd see which server that account is on and which nym you used to create that account. So in that sense your client provides some "synchronisation" for you.

It is merely a "test GUI" client for your programmers to look at to see how each function is coded, they can surely make much more specialised functionality for you once they see how the code works and you explain what exactly more you would like them to code into it.

A specially for issuers client might well have very different setup than one for grandmothers to use...

-MarkM-


If an asset issuer can issue assets on unlimited servers, is there a way to track and consolidate that information?  Eg, I want to find out what all this asset issuer has issued, is there an easy way to do that?
Is there anything preventing an asset issuer from making thousands of issues under different credentials?
Does the tracking of the assets issued in the system give me the tools necessary to do research on the financial history of those assets?  (Eg: dividends, additional issues, company records, buybacks, etc)
Can I track assets traded by IP address or is there some other way of determining a unique origin?
As an asset issuer is there some tool to contact all of the holders of my assets?  (legit assets will require this legally)
Once an asset is issued on one server, can it then travel unfettered from server to server?  If it can hop from server to server, is there any way to locate it?

I'm asking seriously, as those are all issues I'd need to address if I were to try to setup a legitimate exchange backed by OT.

Cheers.
legendary
Activity: 966
Merit: 1000
Yeah I want to use Open-Transactions for my asset (RSM) if I can figure out how to and its not too difficult for shareholders.

I don't know exactly Open Transactions, but if it requires something like signing documents with PGP, then it is both
1) quite scary the first time you see it
2) easy, after you spend 5 minutes figuring it out with a good howto.

Maybe, having money to recover is just what it takes to push people to make that little mental effort, and move in the realm of serious security at once; so, a great opportunity  Smiley

We figured out bitcoin, didn't we?  Why should this be any harder?
Pages:
Jump to: