Sophisticated Sybil attacks

Hi everyone,

damn, you guys stole my idea I have been doing a lot of thinking lately on how to make a cryptocurrency with basic income. From what I’ve read the ideas you guys have are very similar to mine.

That being said, I think there are some weaknesses in the design as I understand it right now. I think the WoT idea is good, and it’s a good start, but I don’t think it will be sufficient.

In fact, I don’t think we can design an algorithm that makes the decision as to whether a node can join the network or not. It seems no matter how we try to design this algorithm, there will be ways of fooling it into accepting forged nodes, and it will probably not be very difficult either. All that is needed is that some corrupt members that have been accepted into the network cooperate with each other.

We want to achieve a system which provides a decent basic income, i.e. it should be sufficient to cover basic living costs, right? An account for receiving a UBI would hence be worth quite a lot, and this would create a very strong incentive for fraud. Now imagine a network of some hundred not quite honest people, who each have a legitimate account in the WoT, and who would want getting an additional, illegitimate account each. “All” they need to do is to find other equally corrupted members and to cooperate with them, “trading” signatures in a way so that all false nodes get accepted. Not “I sign your fake account and you sign mine”, that would be quite apparent, but something more sophisticated like “I sign the fake accounts of user A, B, C and D and my own fake account in turn gets signed by user E, F, G and H”, etc. It would probably be easier for a gang of fraudsters to orchestrate a trade of signatures that looks very “plausible” to the network, than it would be for an actual flesh and blood person who has a poor social network to join. I can’t imagine an algorithm that could stop such more cunning sybil attacks, and this means that in the end a significant fraction of the nodes in the network could probably be fraudulent, even under ideal conditions.

So I think we would see some kind of “race” to create as many fraudulent nodes as possible, if this basic income starts getting worth anything, and no matter what conditions you impose on the WoT the fraudsters would “push” towards these limits, making it harder for legitimate nodes to join.

Any thoughts on this?

Yah, World Citizenship.

Problem solved.

That was an interesting read, but it says it cannot prove a person has multiple identities, and later says that a photo is not required and even a pseudonym may be used, so that ID has nothing to do with a legal entity, which is good, but doesn’t stop sybil attacks.

It might slow down the rate fake nodes could be made because the person would have to show up to multiple venues far enough apart not to meet the same people, but biometrics would be a requirement for an id to prevent multiple identities, at best a video recording is made showing a fingerprint being made with ink, or a retinal scan made with an instant film camera, the video would show an untamperable image after the person made it, whereas an LCD monitor showing the fingerprint could be a false generated image, and the person operating the scanner would be helping them make a fake identity. The downside is that nobody would want their biometric data shown on a video, someone could take a frame of video to make silicone fingerprints and frame them for a crime or steal their identity.

A possible solution is to use a retina scan and fingerprint like salts used with a password to generate a public key, the biometric data is never stored but is needed whenever they use that ID to create a new account on different websites, or for a basic income. The combination of salts without a password could be a separate key to see if they’ve used that biometric data before. Of course that would necessitate everyone owning biomertic scanners but if that’s the qualification for a few grand per month for free, I dont think people would mind buying them.

That is IF uCoin can get you a few grand a month, which I see as problem #1 at the moment.
You have to realize that the desired inflation rate for high stable economic growth is 2-3%.

World GDP per capita is 10k, 3% of 10k / 12 months = 25 dollars a month, or about 1/100th of what you hoped for.

I also thought a lot about biometrics, but if someone produces a video showing them making a retina scan or something like that, how do I know that the retina scan device used when the video was made isn’t tampered with, so that it displays a fake biometric signature?

Of course, if the bio-signature is faked, this would be detected if you were asked to produce that bio-signature on a device that hasn’t been tampered with. But how would we utilize that?

Should the network demand that the bio-signatures are regularly verified on different devices, owned by different users? Of course, we can’t send a physical bio-signature onto a block chain, the only thing we can put on a block chain is something like a digitally signed declaration where some user in the network says something like “I swear I’ve met a person who actually could produce this bio-signature on my device”. If we could get a lot of independent regular verifications of a bio signature, well, that suggests that it’s a real signature. Unless the signers are lying. Perhaps because they are paid a part of the income from the extra accounts, i.e. “I’ll pay you for publishing on the block chain that you’ve verified my bio-signature on your device”.

That was another question I also had Where does the money for the basic income come from? Just printing new money would be very deflationary and give a very unstable monetary value.

You mean inflationary and that’s exactly what they’re doing here. It’s stable because it’s predictable. Since uCoin allows you to start your own coin, you can decide what you think is best.

If you think just being able to print new money is a bad thing, think of the current siituation, all non-crypto money is printed by a few people owning private banks who do so at will and they print it as debt, meaning that:

1. A couple of people, if they wanted to, can print more money in the world on a whim.
2. The money can only be printed as debt. If everyone would pay off their debts the money would be gone!

Bitcoin and other PoW cryptocoins on the other hand is printed by miners through solving blockpuzzles. This has lead to he-who-owns-the-biggest-computer-farm-owns-the-bitcoin-creation.

Proof-of-Stake cryptocoins is slightly more fair.

With uCoin there is no constant debt and the printed money goes to everyone.

Or is that not the question?

If your question instead to where the money for basic income should come from,
I think that uCoin is a starting point.

You have to remember as well that 25 dollars a month may not sound as a lot money, but it’s free money no matter where you live, no matter what you. For people living in the poorest of nations this is already more than what the average earner makes.

From there we should decentralize other businesses and somehow make money out of that.
I’m not sure how. But maybe each decentralized organisation should contain a small fee to go to every node in order to stimulate people to support decentralized companies.

However, the uCoin team and other decentralized teams believe that there will be enough volunteers to support their system no matter how large.

But we’ll see what happens.

As you all known, this week end the event “5h Freedom Money Meeting” in Paris. We talked a lot about this matters.
The choice we made during these days will be presented on the blog as soon as possible. But, shortly, what we are aiming is this :

• The wot is not a technical network, it’s a human one. So its growth speed should be organical, not technologic. This means, when signing someone, a delay will be set before the individual can sign a new individual. This is a counter-measure to automated sybil attacks.
• An organization, when being too big, will have problems maintaining the way it works. No society in the word got more than 500 000 employees… It’d be two hard to grow and organize.
  So we decided that the wot should be limited in size. An individual should not be able to sign more than N people. With the max distance from everybody rules, a community could not have more than ~2 Million people. Multiple currencies should appear to have a word wide UBI money.

Well, not at all. In fact, sunday, @Galuel (the one who created the Relative Money Theory, the theory behind ucoin money rules) will present its last theorem. It explains that having a 3% growth and ~7% taxation to create an UBI is equivalent of having a 10% growth.

I would like to remind you that we do not choose a 10% growth arbitrarly, but it’s the mathematic consequence of the 4 economics freedom :

• The freedom to choose your currency system: because money should not be imposed
• The freedom to access resources: because we all should have access to economic & monetary resources
• The freedom to estimate & produce value: because value is a purely relative to each individual, in space and time
• The freedom to trade with the money: because we should not be limited by the avaible money supply

I guess we really need to finish translating the relative money theory. This would help non-french people a lot to understand what we are aiming to do with ucoin.

Hi omega !
I will try to explain something subtle in an other language than my native language (french).
I hope it will make sense.

At the beginning, I had the same “problem” than you with the Sybil attack in the Wot.
Like you, I was thinking that the basic income was a great incentive to fraud.

But, our views are perverted by the current monetary system : money = debt.
All fiat moneys are “private” and rare. In other terms, it’s a fraud. (quite big fraud as all created economic values are mechanically the property of those who emits money)
In that context, everyone need money. Some wants more money. We are fighting to have money. We do things we probably don’t want to do to have money.
And if we have the opportunity to fraud, we simply do it !

But, let imagine an innovative but simple monetary system : money = human being.
Money is co-created by all its current and future members.
In that context, everyone has money. And money become a tool to create economic values with others. We don’t need it. We just use it. It’s a quite big difference. Members are not just passive consumers but also producers.

So, of course we need protections against sybil attacks for ucoin.
But we more need to educate people about what is money.

But, let imagine an innovative but simple monetary system : money = human being.

I think you might want everyone to imagine “money = commodity” instead.

A lot of topics at the same time Ok, first of all, no-one needs to preach the benefits of unconditional basic income, I’m all for it. I think it’s a much better way of achieving income redistribution than well-fare systems with conditions attached, as these tend to become poverty-traps.

The thing about money vs debt though, is that it is pretty hard, and arguably not really desirable, to prevent people from lending money. If X makes a deal with Y, saying that X will pay an amount to Y now and Y “swears” to pay it back with interest in the future, how can we stop these transactions? The initial transaction is just a transaction between two people, and so will the future transactions be. And do we want to stop them, even if we somehow could?

If someone wants to make an investment, say buy a new piece of machinery for a factory floor or buy a house, requiring that he/she should save up all the money first and have it all “sitting around” on an account would lead to quite absurd results. A lot of money would be “sitting around” for no use, and saving up a considerable amount would take considerable time, slowing things down. A house would typically have a life-expectancy that is longer than an average human life-time. To pay the full value of a house up front is something few would be willing to (or have the money) to do. The big problem with the financial crisis was rather that the prices on houses had soared far beyond what it actually costs to build them, which isn’t really sound. The banks have been very willing to lend excessively for house mortgages, thereby constantly driving the prices up and in effect we have paid too much for the houses and are stuck with more debt than we would have needed to, and more money ending up as bank profits and less in our pockets. Well played by the banks, really well played. Not so well-played by the loan takers.

So now people are saying: “Hey, you stupid banks, you shouldn’t have lent so us so much money for housing!” but we didn’t really have to borrow all that much either, now, did we? We kind of have ourselves to blame a little bit too.

It is a bit too easy, though very populistic, to say that the problem is that money = debt. The big problem was rather that people over-valued houses and promised away too much of their future income as payments for loans. People overspended. Borrowing money is in itself sound, and difficult to prevent, but too much borrowing obviously is a bad idea and will lead to bubbles.

Wealth is simply much more than money in an account. To be more generic: your net wealth is the value of what you own/have the right to receive in the future minus the value of what you owe others. Basic income doesn’t really change this fundamental equation, it merely adds an “asset” on the plus-side for all human beings.

It’s not so much debt itself that is the problem. As you said, if X wants to give some of her money to Y and trusts Y to pay her back, there’s no reason they shouldn’t be free to do so.
The problem is that it doesn’t actually happens like that. Debt is used as a tool for money creation. To simplify things, when X lends money to Y, she doesn’t give what she already has, she just prints new money to give to Y, then asks to be paid back with interests.
X isn’t able to lend money because she has accumulated capital she wants to invest, she just owns the only money printing press.

Concretely it usually works through a central bank, which is the only producer of a given currency, which lends by money creation to private banks at very low interest. The private banks then lend back this money at much higher interest rates to people (while still actually being able to lend more than what they really have). As Folatt said, that gives you a system where if all the debts were repaid, then there would be no more money in circulation (and still interests to pay back…)

I recommand David Graeber’s book “Debt : The First 5000 Years” for a very nice detailed history of debt.

The thing about money vs debt though, is that it is pretty hard, and arguably not really desirable, to prevent people from lending money. If X makes a deal with Y, saying that X will pay an amount to Y now and Y “swears” to pay it back with interest in the future, how can we stop these transactions?

You’re taking this from the opposite direction. This is not about stopping debt, it’s about debt money being optional and having commodity money as the default, whereas today debt money is the default and commodity money being exceedingly rare.

In fact, I’m willing to bet that at least 99% of today’s money supply is debt money and you have to realize that most of that debt has to be paid back with interest.

This is due to the fact that all banknotes and money on your bank account is debt. The only thing that isn’t debt are coins. And those coins are not useful enough to pay for your daily groceries, let alone pay for a car and certainly not a space station.

Since almost everyone has to constantly pay back interest, some people don’t have to do anything to generate income, while others have to constantly think of ways to earn more money to pay off last year’s debt.

If someone wants to make an investment, say buy a new piece of machinery for a factory floor or buy a house, requiring that he/she should save up all the money first and have it all “sitting around” on an account would lead to quite absurd results. A lot of money would be “sitting around” for no use, and saving up a considerable amount would take considerable time, slowing things down. A house would typically have a life-expectancy that is longer than an average human life-time. To pay the full value of a house up front is something few would be willing to (or have the money) to do. The big problem with the financial crisis was rather that the prices on houses had soared far beyond what it actually costs to build them, which isn’t really sound. The banks have been very willing to lend excessively for house mortgages, thereby constantly driving the prices up and in effect we have paid too much for the houses and are stuck with more debt than we would have needed to, and more money ending up as bank profits and less in our pockets. Well played by the banks, really well played. Not so well-played by the loan takers.

So now people are saying: “Hey, you stupid banks, you shouldn’t have lent so us so much money for housing!” but we didn’t really have to borrow all that much either, now, did we? We kind of have ourselves to blame a little bit too.

It is a bit too easy, though very populistic, to say that the problem is that money = debt.

Debt money makes problems like the 2008 crisis more difficult, not easier, to understand.
If you think the problem would have been solved if loan-takers would simply say no to the money, then you do not understand the problem with debt money. Without taking loans, there wouldn’t be any money other than coins, meaning that no matter what happens, if the economy doesn’t constantly grow there will be a crisis.

That’s completely normal if you understand that “identity” is not something that can be proved.

No. We want every member of our money system to be equal towards money creation. “Sufficient” or “decent” has no meaning to us, because we agree on the fact that values are a relative vision. We do not agree on what is value and what is not, neither in space (a glass of water does not have the same value for a man in the desert and for one in his kitchen) nor in time (we don’t like Whisky at 5 years old, but we might at 20).

@omega, @JBitD:

More deeply about identification, the problem with “technical solutions” is: in the end, uCoin does not know what is “a scanner” nor “a film”, “a camera”. uCoin defines a coherent system that does not know anything else than pubkeys. It also defines actions that can be interpreted by the system to define members.

The trick being: keys are owned by humans. This way they have a tool to express their will, a will that other humans can legitimately trust is real since signatures are made with these keys their recognize.

Actually, you can put all the “identification” data you want, if humans do not care, they won’t be forced to use it. And that is fine to me.

See! You’ve catched it. We cannot rely on “machines”, because “machines” is something the system cannot define. This is pure human concept. It has no sense to the system.

I could not more agree with your sentence. Change of referential, and you have to interprete everything again. Rules are different in the new referential.

It has nothing to do with easiness. It is a mechanical consequence of debt-money system: money goes where banks allow the money to go (making credits) which mechanically increases prices.

Anyway, to answer your initial question @omega, @Inso mostly expressed my point of view: we should differentiate the human network from the technical one. Their time of execution are completely different, relations between humans are long to establish. Just like birth and death are long to realize for us.

That’s why we plan to have:

• a minimum number of connections to become a member (8 for example)
• a maximum number of connections a member can make (16 for example)
• a maximum distance between 2 members (5 for example)

Given that:

• a member cannot make another connection before a delay (1 connection every 2 weeks for example)
• connections expire (1 year validity for example)
• members must renew their will to stay as member (every 6 months for example)

Also, you can make tools for people to explore the relations between members and detect frauds.

The question of what money “really is” is a tricky one. It sounds like you want to emphase that the “new” money, cryptocurrencies in general really, can be thought of as a digital commodity, a bit like good old fashion gold coins that you can “wear” upon your person. Of course, once upon a time banking actually based on things like gold coins, but bankers came up with the idea of producing notes which entitled the bearer to, whenever he wanted, pick up a certain amount of gold coins from the bank in question. Soon enough, people started exchanging these “gold coin certificates” instead of the actual coins, and since not everyone wanted to pick up their gold at the same time the banks could have a lot more such gold certificates out there than they actually had gold. If we, so to speak, go back to exchanging the gold coins directly, rather than debt notes, that could conceivably lead to a different kind of economy.

But still, a debt note is worth something, obviously. People might therefore conceivably want to trade such notes. Which is of course actually what bond traders are doing. Of course, a bond issuer might default, but this can’t happen to digital coins that you have in your own digital wallet. Investors don’t want to have large quantities of money sitting in wallets, doing nothing, though. But the “ordinary people” might conceivably prefer to actually own the digital gold coins, rather than a debt note from a bank (though they’d miss out on interest rates that way). So I guess, yes, this could really change things.

None the less, if we have an era when a lot of people and/or investors borrow to much we could still have a crisis very much like this one.

A translation of that paper you’re talking about would probably be good

But you were talking about taxation too, not just “producing” new digital gold coins, to pay for the basic income? How would that taxation work?

But you were talking about taxation too, not just "producing" new digital gold coins, to pay for the basic income? How would that taxation work?

I really don’t know. I just think it’s the next logical step. Maybe each DAO generates and distributes new shares?

We want to achieve a system which provides a decent basic income, i.e. it should be sufficient to cover basic living costs, right?

No. smile We want every member of our money system to be equal towards money creation. “Sufficient” or “decent” has no meaning to us, because we agree on the fact that values are a relative vision

As you can see omega, cgeek knows what the limitations are and should be of his project.
If you strive for a decent basic income like I do, then I think a distributed cryptocoin alone is not enough. In my humble opinion, we should supplement this by fully automating as many profitable organisations as we can, starting with the easiest ones, in order to either distribute it’s services or products or somehow share it’s profit.

So there’s a lot of work to do if you want to realize basic income.

There is absolutely no “taxation” in uCoin freedom money, there is only a DU. If you study Relative Money Theory, or if you study mathematics, there is just the possibility to change the money view counting with DU, instead of Quantity money units. Changing the view don’t change the money at all, but it appears exactly like if there was a “tax” (in Relative View), but there is not tax at all (in Quantitative view).

You can study that viewing that video + studying the zip archive inclunding pdf and Calc files you have in that post where both Quantitative and Relative Views are presented with an example.

Printing new money very aggressively would give a currency which no-one wants to save up, as it looses in value so quickly. I think it would risk giving some pretty undesireable effects.

Anyway, the topic was actually Sybil attacks. cgeek, my first thought when I read the proposed rules was: Gosh, that’s a lot of rules (it will be quite a challenge for real people with poor social networks to join), and my second thought was: still not enough. If our adversaries cooperate, as I described, trading signatures, I can’t imagine any set of rules which they will not be able to circumvent.

Well, we have talked of these rules again during last Freedom Money Meeting (5th), and we concluded 2 things:

• people should be limited in the number of concurrent valid signatures they can issue
• this rule, mixed with the distance rule, implies a maximum size of the community

And we imagined that a community:

• requiring individuals to gather 8 signatures to be a member
• requiring a maximum distance of 5 between its members
• limiting members to issue 16 concurrent signatures

would lead us to a maximum size of ~1 million people community. Possibly a bit more, but mathematical max is ~2 million.

For comparison, Google is composed of 50.000 people.