Feature request : Additionnal fields to member objects

Hi,
Congratulations for your great work !

I currently consider to contribute this project by initiating a sort of guide “How to start your free currency”.
The idea is to give folks the best practices on how to plan, animate and boot strap a currency.
It seems to me that key signing parties are unavoidable to build a medium to large WoT.

Right now, I cannot see how a peer can associate my pseudo with my real identity if I show him my ID Card.

I think that we should be able to (have to ?) present our real identity when publishing our pubkey and provide additional data as our postal adress, email adress and so on.
Consequently, it means that we should be able to update this data (in case of move).

I’m really curious about your point of view.
Let me know.

Hi greyzlii!

What is your “real” identity? I admit you probably have a State identity. But does it worth more than this account you use here? Also, could it exist fake ID cards, and does it exist already? Do we have the ability to know which card is legit and which is not?

By these few questions, I would like you to see how State ID cards are no magic. You may initiate & make living a free currency using State identity cards. That is a possibility. You will probably convince a lot of people of the uniqueness and reality of your identity using an ID card. But that’s definitely not the only way for people to recognize each other :smile:

Anyway, you can put your ID card serial as UID. That will fit your requirements if this ID never change. And if it does, then you only have to ask people for signing your new identity and forget the old one.

What do you think?

I definitely agree !
ID Card is just a practical way to prove our identity to unknown (yet) persons. In Key Signing parties for example.

The Wot has limitations, for security, as MaxSteps between each members. And that’s a good thing.
But it can be a handicap for scale up.

I know the small world graph propriety but I think that in real world, it won’t be possible to build a dense Wot without events like Key Signing parties.
With MetaB, the security is pretty weak. Somebody can steal an identity really easily. It has no impact today because it’s just a test of a software. But it will be a real problem when MB will be used for real economic exchanges.

I think that signatures should be accorded to people we really know.
(Or people who proves its identity : ID card or official documents are a strong way to do it).

Btw, I don’t like the idea to use an ID card Number has my ID. That is not my identity. I’m not just a number in the government database. It’s just a way for people who share the same ideal (freedom, decentralized world, free currency…) but don’t know them yet to build their wot securely.

Well … you may not have all the details about this point. Actually, you don’t need to be close enought from all the members, for the good reason that if a member do not sign anyone, then no path exists from him to another individual. That would mean no member can join or stay just because of this individual. That’s why there is a parameter in the currency which says:

… close enough from any member with at least S certifications issued by him.

The greater S, the easier it is to have paths for MaxSteps rule. Also, there is an incentive for issuing at least S signatures: this way, you add your control over who can or cannot join, because you become a point of control.

To me, the combination of MaxSteps rule with S parameter is what allows for large WoT with possibilities of control.

I don’t know what “really” is. But anyway, you have the freedom to sign the way you want. And uCoin cannot impose you do it with ID cards or anything else.

That was a suggestion, you can also use OpenUDC udid2 format. Actually, I initially planned to add UID format as a currency parameter in order to refuse identities which do not respect this format. I will propose this feature at next FMM to see if people agree with that point.

But, about changeable identity metadata (address, …) … I think it is not required. It can be plugged onto uCoin in an external service (that’s why we ask for Social Network or blogs proofs to make the link between an UID and its metadata (here web activity)).

Ok, I see.
The downside is that it could allow colluded “attackers” to create an infinite amount of sybils.

Sure ! That’s not the point.
But, it is a “best practice” in key signing parties.

This proposition is very satisfying to me.
Thanks for the share. I will read it carefully.

Why that? Graph is oriented, remember.

Let’s imagine that vit inso and myself turn evil.

I create 5 fake identities fake1, fake2, etc…

Each of us (vit, inso and myself) sign these fakes.
If S parameter is set to 5, we become “points of control” as we issued 5 signatures (to fake identities).
And fake identities become certified member.

Maybe I confuse “certifications issued by him.” with “certifications issued to him.”.
Do I ?

As a member, if I discoverd people trying break my monetary system, I wish I could give anti-certifications to evil people and to fakes identities.
Certifications + anti-certifications >= 3 <=> (is equivalent) is a member.
And, if an identity get down 0 with (anti-)certifications, they could be banned from the system for a while, for instance. It could be great, if we could destroy the money they created.

1 « J'aime »

Not yet: you’ve made signatures, but these are not written yet since fake identities are not members yet.

You are not confusing, I think you’ve well understood who becomes “point of control”. If these 5 fake identities were able to become members (because other people agreed made them join in some way), then yes, you, vit and inso would have become points of control.

Edit: @Moul we will be dealing with this point at next FMM.

But if fake1 obtain a signature from inso, vit and myself, fake1 becomes member.
And if inso, vit and myself repeat the process 5 times, we become Point of control.
Don’t we ?

Yes you are right. But I still don’t see why you said:

There’s a misunderstanding somewhere.

If I recapitulate :

  • I enroll vit and inso in my evil project
  • I create five new identities
  • we sign these identities : 3 sigs, they become member
    (maybe the point is here, vit, inso and myself must be at n steps from a point of control where n = MaxSteps - 1)
  • As we have signed 5 (or more) identities, we become Points of control
  • We can repeat the process with an infinite number of fake identities

plausible ?

That’s what I was thinking about :slight_smile: In a 3 steps WoT, your Sybils (fake1, fake2, …) will be at step 2 from you, vit and inso. But from other members who would be control points to you (them -> inso,vit,you), your Sybils would be step 3 from them (the max distance):

people: them -> vit,inso,you -> fake1 -> subfake (cannot join)
------------------------------
step:     1           2           3         4

So the only “infinite” creation of fake accounts would come from you 3 guys, not from Sybils themselves.

Since we also have the rule that say “a member can make only one signature per day”, the hemorrhage is kind of cointained. It might be useful to have other protections, however. Like “a member cannot make entering more than 1 individual a week”.

What do you think about chaging this rule

close enough from any member with at least S certifications issued by him.

by

close enough from any member with at least S certifications issued to him.

It means that the point of control is someone that the community highly trust.

Good idea :slight_smile: However, I would not change the rule, just combine the two (the S floor was here to avoid point of controls with too few or possibly no path from them).

Ok.
Do you mean that I become a point of control if :

I have S certifications issued to me AND
I issued S certifications to other people ?

Btw, if i recapitulate this debate, I would say that we have several ways to allow large WoT :

  • With adapted admission controls rules. (here point of control).
  • With community managment methods : key signing parties, events, etc…

Do you agree ?

Yes, more precisely with have S1 and S2. We can put the values we want.

Yes! :slight_smile:

Here is a suggestion. Not sure it’s a good idea. Let me know your opinion.
We could give to the community some tools to explore analyse and publish their results about the WoT.
It seems that it exists many methods to detect sybil nodes. However, the final decision should mabe made by humans (in order to avoid false positive or false negative).
http://vizsec.org/files/2010/Harrison.pdf

In this case, we need an anti-certification power.

1 « J'aime »

I very approve this method. Give the tools to humans, let them decide.