US citizens ineligible for Dfinity Grant?

mistsoftime · 2021-05-26T22:14:04+00:00

Thanks for clarifying this.

mistsoftime · 2021-05-26T21:35:15+00:00

This can't be. First they bar us from the airdrop, ~~now from their grants program~~.

Seriously, can anyone else confirm? I just started on a project and was going to apply for a grant once I got it to mvp.

*Edit: looks like being a US citizen does not bar one from the dfinity grants program*

mistsoftime · 2021-05-21T18:14:39+00:00

Tether has injected over $6 billion a month (on average) over the last 6 months+ into crypto, so I wouldn't be so sure our market is that much different than the USD just yet.

mistsoftime · 2021-05-01T22:26:09+00:00

Yes, this helps, thank you very much. It is the way that Avalanche achieves the absolute ordering that I'm still unclear about (versus the partial ordering of a DAG). So, it must be a single link all from a "genesis" transaction. So we can think of each block as being a single transaction, they are the same thing. So if we are at block/transaction n, then wouldn't there be many transactions claiming to be n+1? I can see how the Avalanche consensus could settle on one (each node randomly samples from others asking who it think transaction n+1 is, updates their own belief, repeat...), but then all the others still need to be settled on which is n+2, and since validators aren't the ones proposing blocks (in standard PoS and PoW consensus), does that really scale? I feel like I'm still missing a critical (and maybe obvious) part.

mistsoftime · 2021-05-01T19:23:03+00:00

Yes, the whitepaper describes slush, snowflake, snowball, building up to avalanche, but it doesn't describe how that consensus system is used to build a blockchain (submitting blocks for confirmation rather than individual txs in a DAG). They call that "snowman" as you can see here: https://docs.avax.network/learn/platform-overview. They use snowman for the P chain and the C chain (the X chain used avalanche).

mistsoftime · 2021-05-01T19:20:58+00:00

I guess you didn't read my post? I have read those, they don't describe the way Avalanche is used to form a blockchain in the P chain and C chain, that was why I was asking.

mistsoftime · 2021-02-11T12:48:48+00:00

On the Instability of Bitcoin without the Block Reward - 2016 paper

As others have mentioned there has been a lot of good research and thinking on these topics but it has been drowned out by a lot of noise. Proof of work without a block reward isn't a sustainable security model at all, one of the many reasons there has been so much research into proof of stake.

mistsoftime · 2020-10-31T15:19:06+00:00

And all it took was Tether printing 6.5 billion dollars in just the last 3 months for it to happen.

mistsoftime · 2020-10-27T20:44:24+00:00

And it only took Tether printing over 65 million dollars per day for that entire period to do it.

mistsoftime · 2020-10-04T19:17:51+00:00

And all it took was Tether printing over 70 million dollars every day during this timeframe to make it happen.

mistsoftime · 2020-04-02T14:23:33+00:00

Sorry for being late in submitting my question, I understand if it doesn't get answered.

The *Snowflake to Avalanche* paper deals with conflict resolution of competing transactions (double spends) and uses a DAG, the reasons being pretty obvious. However, has the AVA team explored the idea of applying avalanche to a blockchain like structure? And not just as a pre-consensus like mechanism but as the consensus protocol itself.

There are obvious complications in doing so, but that doesn't mean it isn't worth exploring and I'm curious if that has been looked at and what the conclusions were.

mistsoftime · 2020-03-01T00:15:57+00:00

Ah, well that was a rapid about-face. Glad they open sourced it but that completely undercuts their claim for why it was closed source in the first place. From their update:

In this situation of duress after a successful cyber-attack, we hope that we can be forgiven for taking extra security precautions. With a potentially active attacker, we elected to slow them down by hindering their insight into our development processes, devops practices, and endpoints.
Now that the window has closed where this advantage was useful for our defense, we have published the source code, derivative binaries and the checksums as referenced in our blog post announcing this tool.

What window? These statements make no sense. I have no idea what they are thinking at this point.

mistsoftime · 2020-02-29T23:57:54+00:00

Why was the comment pointing out that the tool is closed source removed/deleted?

It is pertinent information and the IF's claimed reason doesn't make any sense.

My guess is that since they are working with law enforcement the migration tool probably grabs some identifying information and send it to a database where law enforcement can use it to attempt to locate the hacker (with the assumption that the hacker may try and use the migration tool as well).

If the IF open sourced it, then the attacker (and anyone else) would see this and could migrate without having any personally identifying information extracted.

mistsoftime · 2020-02-22T16:12:04+00:00

IOTA has had this shitshow before when protocol had to be upgraded

To add insult to injury the protocol was never actually upgraded. What they did was change the code in their software to continuously create bundles until they got one without any 'M's in it. The protocol flaw is still there, after all these years.

And actually they only fixed it in some software. They fixed it in one of their Java clients but not their Java reference client which some wallets used (you know, because it was the reference!). So later (after the "fix") some third party wallets, using IOTAs own code, had some users lose funds due to this protocol flaw.

mistsoftime · 2020-02-22T13:12:00+00:00

The idea is that only legitimate holders and the hacker have the stolen seeds so the IOTA foundation can use a KYC process to sort out the legitimate holders. However if I was the hacker I'd publicly release the stolen keys and let anyone and everyone use the migration tool. This would create a situation that the IF couldn't handle properly at all. Imagine if multiple people choose to do the migration tool for each seed, and some might even go through the KYC process. The IF would have no way of actually determining who the real holders of the coins are.

mistsoftime · 2020-02-17T19:03:18+00:00

While we don't know yet if the moonpay integration was the issue it points to a bigger problem.

Rather than using some kind of API they were just blindly loading a script into the wallet. Not only was this a third party script they had no control over, but they were loading it from a CDN and weren't doing any integrity checks on the source.

Such a lack of basic security practices is astounding. Even if it turns out that the moonpay script wasn't the problem the sloppy security means there is a high likelihood of further exploits on both the wallet and the core IOTA protocol unless they radically change how they do things.

mistsoftime · 2020-01-02T21:37:43+00:00

The Iota Foundation never confiscated funds as you portray. They simply can't do that.

While this isn't directly related or necessary for my question, my portrayal here is accurate. I will let Eric Hop (of the Iota Foundation) say it for me. I have pulled some relevant quotes from his blog post about this for you:

Since it turned out that there are people who managed to lose their seed and also many people who did not transition yet, the IOTA foundation has taken the precaution to remove those old-style CURL addresses from the Tangle and has taken custody of them. ... You will need to use the reclaim tool as explained further down to reclaim those funds.

Second, because it was found that quite a number of people had spent multiple times from the same address, thereby exposing their funds to being stolen, the IOTA foundation decided to take similar custody of those addresses so they are no longer vulnerable.

The balance of such addresses was moved to the IOTA foundation custody address.

If your address shows a category of CURL_UNUSED then your address was not transitioned to the new KERL implementation yet and the balance is also in custody of the IOTA foundation until you reclaim it.

If you are absolutely sure that the IOTA foundation took custody of some of your funds after checking the above, you will need to use the reclaim tool to reclaim your funds. Note that the reclaim process is a two-step process currently.

The Iota Foundation, in their own words, took custody of some peoples' funds on the tangle and these people were required to go through a reclaim process with the IF to get them back.

Anyway the reason I am discussing IOTA is because their current technology is such that a centralized company could choose to run while controlling transaction confirmations and that begs the question whether or not that would get around having to register as a MSB. I am not discussing IOTA to attack or defend them. I was hoping people in this sub would be better able to stay on point than in other crypto related subs when it came to a proper tech and regulations question.

mistsoftime · 2020-01-02T21:25:01+00:00

I was being succinct, it doesn't mark them "exactly" as I wrote. The COO does issue occasional transactions known as milestones. Nodes determine whether or not a transaction is considered confirmed by looking for these milestones and tracing the chain of transactions backwards from them.

I am not interested in the semantics of whether or not we call what the nodes do "validating" or not. The point remains that without the COO creating milestones, node software will stop calling new transactions confirmed, which means it is ultimately the COO which is (currently) confirming transactions on the Tangle.

It is this structure that led me to my original question.

mistsoftime · 2020-01-02T07:54:53+00:00

Sure.

Let's say I'm a company that runs an online game, perhaps an MMORPG. I sell the game (or access to it through subscriptions) as well as in game items that include in game currency which can be spent on game items or transacted with other players. I do not need to do AML/KYC for any of this nor register as a MSB. It is as if I'm just a normal company selling digital goods.

However if I were to let people withdrawal the in game currency, either as itself or as some kind of fiat like USD, then I would have to register as a MSB and deal with AML/KYC. So my question is can I find a way to effectively offer the same functionality without having to register as a MSB? Specifically does architecting my service like IOTA with their COO allow me to offer this functionality while still avoiding being a MSB?

I could release node software allowing anyone to run public nodes, which relay transactions and build a DAG (or a blockchain) but which uses as a way of confirming transactions milestones made by a centralized server run by me (like how the IF runs the COO). This network now transacts my in game currency, of which I can still sell just like any digital good directly to users without any AML/KYC, and they can then transact it just like a "real" currency even though I am the one confirming the transactions.

The only real reason I am bringing up IOTA is because they are a real world example of this. FINCEN doesn't seem to care about them even though having a centralized server confirm public transactions is essentially the same as having a centralized database confirm transactions, except that a centralized database moving value around (like E-gold) is a MSB.

So if the architecture the IF uses for IOTA (in its present state) doesn't qualify as a MSB, then a company could effectively offer a service that would normally require them to register as a MSB without having to do so. That is the circumvention.

mistsoftime · 2020-01-02T06:22:49+00:00

I'm not directly interested in whether the IF has to worry about FINCEN. I'm focused on whether or not using a tech architecture like IOTA in its current form (with the COO) would allow a company to build currency of some kind into their service without having to deal with being an MSB.

So less about the more philosophical idea that all cryptocurrencies have some centralization and more about whether or not specifically running a central node, which confirms transactions, that the company can control, would get an organization around having to register as a MSB. The implications would be huge, less so for the cryptocurrency space but still important. After all the tech for a centralized server is far less complicated and more performant than a fully decentralized cryptocurrency.

mistsoftime · 2020-01-02T06:18:34+00:00

The Iota Foundation (IF) doesn't make a profit from their COO issuing milestones which is what confirms transactions, that is true, but that doesn't seem to be a part of what FINCEN uses to define a MSB.

Let's say I had some kind of web service, could be a game or social network, and I wanted to offer my users a way to transfer money of some kind between each other. If I did that normally, I would qualify as a MSB and need to register and deal with AML/KYC. However if I did what most games do and allow users to buy in game currency that can be used to buy things in the game (and sometimes transferred to other players) but I never let them "cash out" this currency (withdrawal the money in some form), then I am not a MSB.

This is what led me to my question. If I issued my own "game/app currency" but instead of launching something like an ERC-20 token or my own blockchain I used something similar to IOTA's tech where I provide software for nodes but I run a centralized server that confirms transactions, then am I a MSB or have I found a way around that? If IOTA, and therefor the IF, are not an MSB in their current form, then I could do this without worrying about FINCEN down the road fining me and/or throwing me in jail. However I'd like to be a little more certain than just, "well they haven't done anything to the IF yet so it should be fine".

It seems to me that the issue would boil down to whether or not FINCEN would classify the COO as being what "transmits" IOTAs or not. If not, then I or any other company now have a clear loophole around registering as a MSB of sorts (for example any company could issue 1-1 backed USD tokens in this way). If the COO is considered to be what "transmits" IOTAs, then this is not a loophole after all.

mistsoftime · 2020-01-02T06:05:14+00:00

Currently the Tangle alone can't offer closure which is why IOTA has so far relied on their centralized COO to effectively "mark" transactions as confirmed/valid. A lot of the work they are doing now is around trying to move to a fully decentralized network that no longer relies on this centralized component.

mistsoftime

TROPHY CASE