Topic: Syscoin vs Bitbay - page 4. (Read 13147 times)

I'm not familiar with the binary options market. How fast does a trading platform need to be for it to work there?

Also one last thing, I don't give the option of AE because of all the reasons mentioned. Just the say way I don't encourage any system that is broken by design.

I don't vote, don't want to live on grid, will not support military and generally will never support systems that fail us all.

Lastly escrow is a head ache. It's an entire extra layer. I've got other things to code. I sympathize with the idea but honestly I didn't work myself sick to change society just to encourage the same system I'm trying to replace.

That makes no sense. Escrow is limiting, DDE is not. As DDE can be used in barter, smart contracts, employment etc

Why would we offer both if one is clearly better? Why should users pay escrow fees, deal with potential loss. If they want that I recommend eBay.

There is NO CENTRAL SERVER in DDE. Please i beg you stop just stop arguing about things you don't know about.

There is no "marketplace wallet" what are you talking about? Each peer holds one key to a joint account. Go read my whitepaper from 2 years ago

I've been working on this software for almost 3 years well before Ethereum was conceived. If you argue learn first, don't just talk for the sake of it.

DDE keys and all info is held by only the two peers involved arranged by email or Bitmessage. No blockchain is involved. You can't touch those deals. I don't care if you are the Internet King or nsa. Just stop.

Of course DDE would have prevented all the loss.

And I didn't pull the 50% number from thin air. Yes it's an estimate, it might be 30%. Don't make mountains out of molehills.

Add up SR, Sheep, Mt Gox, Cryptsy, BTER, Mintpal thefts and you can see for yourself.

I've had enough of this debate. Have fun caring more about be contrary.

I bet if I asked you to argue in favor of DDE over AE you could. You are only defending nothing.

With no interest in the truth.


The two things should never be compared. There is no third party in DDE what is so hard to understand here?

It's clearly superior, comparing it with escrow agents is a joke. Nobody here has denied SR theft, Mt Gox theft, all third party theft.

Nobody here has denied empty box scam

Nobody here gas denied 2 of 3 collusion scam.

And 2 of 2 escrow has none of those drawbacks other than the fact that merchants put a deposit up. Cry me a river. Jeeeez.

Also I've got so many safe guards in Halo like autobackup, filtering chat in escrow, so many beautiful details that you guys don't know because anyone arguing against it have not even bothered to test the software.

Are you planning to set up a Website so that others can place bets like you're doing?

I'm very serious about this question. You've just tapped into a potentially huge use case for Bitbay: binary options in a more-or-less trustless environment.

we are already on 0.12.1... it takes months to do the port? Anyways that's a big drawback in my opinion.. I spent alot of time writing unit tests for sys services for this very reason.

Yeah porting to the latest code base is always a painful job.
We are excited about the latest development of Blackcoin, they are porting it to 0.11 which already quite the upgrade

Anyways I'm out, I've discussed my concerns.

On you go ol' chaps!

Yes.

Yea the clients (buyers) IP addresses can be found if they click these links unless using TOR and using it properly... TOR it works OOTB, I'm putting up trusted onion nodes as people start to join in., the beauty of being able to keep  up to the core is to leverage the new btc core features.. something you have backed yourself in the corner with and David aswell because Blackcoin is not really supported much anymore (I tried to do something as simple as do the Azure scripts for BLK and no-one from the community stepped up to even help, was asking on their IRC for days)... with POS its harder to keep up to date with btc core. Original POS code was pretty shitty to say the least there's no way a person can re-port bitcoin to major releases without a full days work with headaches.

Things that are clearly illegal we will be filtering it out for regular users through a "safe-search" feature. Those images won't show up for clients to click on anyway. We do have a EULA in our client, and its not our job to tell people that they will be tracked if they sell something illegal, we don't condone it. It's pretty probable that someone will de-anonymize SDC to make an example out of one person who's pushing the boundaries of what the government cares about. There goes the project. We are focused on real goods for real people and darknet stuff is possible but not condoned, its up to the user's acting in such activity to act in a way that preserves their anonymity.

Syscoin by a MILE.

Bitbay done like dinner since the start. Crap.

Though SYS is still manipulation city and shady (except for Dano)

You and I both know this 50% number is something you pulled out of thin air, you have no way to say concretely it was 50%, 10% or 90% that were in arbitrated escrow.

Who is dadon? Lets say DDE was in play on Silk Road. JUST DDE. No decentralized marketplace- as I included in my first statement. So the funds are locked until the buyer confirms merchant has done their part, and then they are released.... but still held on a central server until the merchant transfers them to their personal wallet, away from the "marketplace" wallet. If the operators up and runs, funds are still gone, DDE in and of itself doesn't help.

DDE only helps in scenarios where its accompanied by the decentralized marketplace. If both are in use yeah there is some mitigation but the decentralized marketplace itself is more a mitigating factor rather than DDE (or AE). Yes as you've argued AE+Decentralized can be exploited if people are foolish enough to trust the wrong person. In dark markets there aren't options, in eBay there aren't options re: who is arbiter, in Syscoin there are. DDE+Decentralized has its own downsides I've already outlined several times. Forcing users to use one or the other simply because its your opinion is shortchanging users.

As I said we're going to give users options on the Syscoin platform, which I think is better than no options (DDE only. AE only.)

Sid how can you say it doesn't work for bigger transactions that's utter bullshit(if you dont mind me saying). I just spent two very long comments explaining that it does. Even gave really high ticket examples.

It's AE that doesn't work for either. More money on the line doesn't make AE safer where is the logic in that?

And you really want shipping companies inspecting every package? Too much intervention, big brother, extra cost, not needed in DDE at all.

Why are we comparing escrow to escrow-less transactions when there obviously is no comparison. I'm sorry but I can say more than I've already said it would be redundant. Fun to chat but not when my points aren't being completely listened to.


By the way we do use pastebins for images in Halo. But it's optional and I will add a Tor option for outbound web requests. If you send without pastebin it's a lot of POW, Halo sends by POW of pastebin is down. Perhaps if I move Bitmessage to locktimes POL instead of POW then I could encourage less paste bin. In private email contracts no pastebin is used. Image is sent by email.

You didn't understand what I wrote or you just didn't bother answering it properly.
I'm worried about noob users that connect to the market with or without tor and view an offer (made by the attackers).

If you're not handling Tor properly you're actually increasing the risk to your system.
You're opening your users to attacks that you may disregard as improbable or paranoid but it is a reality.

First read the papers I have shown you.
They will give you a better idea about the fingerprinting attack through the cookies.

Also using centralized image hosts, you're still not mitigating the risks properly. EXIF data is not deleted on all image hosts, which potentially reveals GPS coordinates, camera details, and all the other nice little details you wouldn't want others to know.
http://www.exiv2.org/sample.html

Are the messages for ever stored in the blockchain and/or are they prunable?

You are correct. In empty box scam, both victim and assailant know the truth and so it falls on them to punish each other or sort out their differences... Aka claim postal insurance.

Dadon said the same loss would have happened in silk road with DDE?

That is the most ridiculous thing. Dadon you know that is not true.

There is no escrow in 2 of 2!!! It's peer to peer. What on earth are you thinking?

If Mt gox silk road sheep market used DDE then 50% of Bitcoins would not be in the hands of thieves.

Let me repeat that Mt gox stole almost a billion dollars of btc!

Mt Gox stole wires as well which if Karpeles did DDE for wires (which is the only way in the world to do trustless wire) then nobody would lose a wire

In DDE each peer holds their key so unless the government raids a million houses to steal each key hidden in an image I think not.


Also Dadon you don't seem to realize the exit scam can also happen to buyers.

True buyer chooses escrow agent(much better than OB) but seller can be managing 50 different escrow agents and get lucky enough to be paired with himself and 2 of 3 he keeps the coins.

And the rest of my statement stands when hight ticket AE would be many magnitudes more dangerous


Also the flexibility of DDE has been covered already, there is custom deposits, guarantor contracts etc

You guys mentioned how merchants can't lock up so much but they don't! They only lock up what their volume is. If you do 1000 dollars a week in volume then you may have 1000 locked up. But if you do 1k a week, you definitely should have funds for deposit.

Merchants pay insurance, escrow fees, fight arbiters on import fees, the list goes on. In fact if all the world's merchants knew Bay existed and it charges zero fees of course many people would use it.

The problem is lack of education and lack of marketing.

And lastly true merchants don't clammor for it but they should. This is more of an ideal change for society, eliminating courts entirely. As the entire legal system forms the cage of enslavement and eliminating biased judges is the way out.

Also DDE is the first agreement in history not backed by a gun. Behind every lawyer is a gun. So the world's first peaceful contract.

Also like Sid said shipping confirmation on blockchain is a very very bad idea. Since I can weight the box down with rocks and trick the blockchain with a valid shipping with correct weight. Free anonymous crypto money!

And just because this is the "exception" as in not everyone is a theif doesn't mean it doesn't happen. Just last week someone stole my ladder and my hoses and septic lines out the back of my truck. Who would want those septic lines? I don't know maybe a crackhead. But I was pissed. And I have things stolen from me all the time. Even lost many btc on exchange hacks.

It's a fun debate but if you don't see it by now then I can't state it more clearly. It's all fun and games to defend your project. But I'm not talking about Bitbay or Halo here... I'm stating why I worked on this in the first place which was to inject a new idea into society. It doesn't surprise me in the least that people fear DDE irrationally. People will fight their own freedom tooth and nail.

It's not my goal to change people's minds or hearts. The goal is to clearly express the idea and make sure it survives and hopefully convince Sid to add it to his system.

Additionally image hosting isn't centralized, its technically scattered across whatever various servers users decide to hose their images on, SYS just has a link to this
I get what you're aiming at but in reality only a few major image hosts will be used.

Yes I was indeed referring to that. There are ways of correlating IPs to purchases, it's not a difficult attack.

First you use the image attack I proposed above, you have an IP address. You connect to the node if it's a clearnet IP and flood the address list with huge amounts of non existant nodes +  online malicious nodes that are always online. You can use the address list as a "cookie" to detect if a user pops up again (because their list is filled with the fake non-existant nodes), the cookie attack even works the best over Tor.

Basically you force the node to only connect to computer you operate.

The attack is described here, I won't go into the details:
https://arxiv.org/pdf/1410.6079.pdf

Another good read on possible attacks is:
https://arxiv.org/ftp/arxiv/papers/1510/1510.07782.pdf

If the node you're trying to attack is only connected to your malicious nodes, you know exactly what transactions go in and out. So if the user does a new transaction, the attacker will know.

you'd have no way of correlating an IP with a purchase.
So you claim, but it certainly is.

The bitcoin protocol is unencrypted, so when you put your transactions in the blockchain it is vulnerable to the attack I've mentioned above.

The papers are not recent so Bitcoin or SYS may have improved on these points.

Can someone, that is running SYS over tor make a listing with the following image and test that the image is grabbed through the proxy?
http://www.ipnow.org/images/1/FFFF88/000000/newmyinfo.jpg

What I've learned is that Qt doesn't magically route everything through Tor, the built in ProxyManagers aren't the greatest. You should double check it, I recommend it.

Does SYS have trusted onion nodes online at this very moment?

 

Yea that's what I'm saying there needs to be new tech that solves that problem and integrate with a.marketplace blockchain. If we seperate concerns we can tackle problems over time properly because we can't solve all of the problems in one go.. we need the world to adapt to solve some problems.

A stopgap solution can be shipper acting as an authority and approving what is being shipped to the description of the offer (we would need to integrate with the shipping company) that way if it's an empty box the shipper has failed his authoritative task. Because it's subjective you need someone or something capable of understanding and deciding right or wrong.. can't be done objectively currently regardless of escrow option. While dde may work better for smaller things because buyer can extend timeout it still won't work for bigger transactions.. so for smaller things like parcels dde might help solve issues although complicating user experience with more options it might be justified.

There's still be the possibility of someone shipping empty boxed and such to try to scam people but again this falls into the bad actor /exception category. Dzimbeck is describing an exit scam scenario where an arbiter who has built up trust over time buys + arbitrates a number of sales concurrently, and makes off with the funds, which would destroy their reputation. This (exit scam) can be avoided by trusting the right people as arbiters. Since there aren't arbiters at all in DDE there isn't really a comparable DDE scenario to exit scam.

---

If we play out the empty box scam in DDE I believe the funds are burned because buyer would never release? Merchant says i shipped the item, buyer says no you shipped an empty box, and there really is no further for resolution is that accurate? If the merchant actually shipped the item and the buyer is lying my understanding is that they'd need to work it out between themselves before the expiry time or all of their funds related to the transaction are lost. And the threat of this is supposed to motivate both parties to stay honest. If the amount is inconsequential to the buyer though the merchant is out their deposit + the item (assuming they shipped the real thing).

in AE empty box scam goes up to arbiter for deciding who is lying. Far from infallible, but the mutual trust from both buyer and seller in the arbiter means they're consenting to accept whatever the arbiter's decision may be based on information provided to them.

Syscoin is still trustless the gui is trustful for convenience sake simply letting users check that the btc txid exists and pays right. You still need to have your btc wallet.. it certainly doesn't depend on it in consensus.. now that would be trustful.

Also you don't have to host your own images.. I think you need to try out the client first before making such weak assumptions. There is no "IP snatching" unless you host your own images and are selling illegal stuff which would be stupid

Can't speak to BitBay stuff but none of these are mandatory components of the SYS marketplace and are all optional. Additionally image hosting isn't centralized, its technically scattered across whatever various servers users decide to hose their images on, SYS just has a link to this.

Not sure I follow you're "I could basically harvest the IP addresses of everyone that uses the marketplace." i think you're referring to if you stand up an offer, w/image and then monitor requests on the server side? First off you'd only get information on people viewing THAT item. Secondly viewing items isn't illegal, and you'd have no way of correlating an IP with a purchase. Additionally if the user is using TOR you'd have a worthless IP and in the end be no closer to unmasking a user than where you started.

---


The amounts your identifying here are NOT all from arbitration funds as you make it seem. The amounts stolen are a combination of funds that may have been in arbitrated escrow, buyer funds, and seller funds because the platform as a whole is centralized. Using this as some argument against AE is weak imo. DDE wouldn't have done anything to help these situations because the CENTRALIZED nature of the platforms- the funds would have still been made off with.

Additionally building rep and then buying a bunch and acting as arbiter just to steal the funds (exit scam...) wouldn't get very far and again, isn't at all a fault of the system. Yes, humans can be dirtbags but that doesn't mean the answer is charging everyone double (or 10%+ or whatever) and then it somehow solves everything. You're kinda throwing the baby out with the bathwater just because of a few bad actors. And yes eBay/Paypal is horrid and that's why we build things like decentralized offerings to replace them entirely

Halo had DDE before BitBay if my history is correct- i haven't seem any huge transformational change brought about by its introduction nor have I seen merchants clamoring for it because they are so tired of AE and bad actors screwing the over. Bad actors seem to be the exception not the rule in most networks but you seem to view them as the rule, thus AE as a whole must go.

Not sure I understand your point about transparent arbiters... there is no requirement for transparency in terms of identity disclosure as you're suggesting only that the arbiter is mutually trusted between buyer and seller.

If you've worked with real word merchants you'd hear the same issues I've raised here in terms of DDE and the payment flow being something that a majority of large scale merchants just aren't going to deal with. Having funds locked up will not only be a problem for them but I can also see it causing market volatility if large portions of the supply are "locked" at any one time which seems inevitable at scale? I do think there is value in making DDE more flexible both in terms of timeout and in terms of deposit % amount, not sure exactly how BitBay implements these facets of the design but the more flexibility the better.


I'm just trying to have a meaningful discussion which is rare on BCT in my experience I never said that DDE was a lost cause or worthless I merely said that there are benefits to both and there is value in providing both options to users so as to give them choices. From a development perspective neither DDE or AE is difficult to implement, forgoing one for the other purely as a matter of principle is shortchanging users imo. In Syscoin yeah we started with AE because that's what the market knows and uses and it works despite some pitfalls (bad actors), adding a DDE option is highly likely. Sounds like BitBay isn't very open to providing users this type of option.

I think SYS could also be a bit more accurate on their definition of a DECENTRALIZED marketplace..
As of now, it's filled with centralized features:
- centralized hosting of images
- centralized bitcoin TX verification
- anything else you want to add to the list?

You claim that you support Tor for the connections, but if you're using centralized images you are vulnerable to IP snatching.


^Won't show anything because of bitcointalk image proxy

Are those requests routed through the Tor network too?
I could basically harvest the IP addresses of everyone that uses the marketplace..

I highly advice you to put disclaimers of the potential vulnerabilities such as IP leakage in your main thread, you owe it to the users of your platform.

--

On a different note, how does BitBay handle its images?
What are the centralized components of BitBay?