[HN Gopher] Signal adds a payments feature with a privacy-focuse...
___________________________________________________________________
Signal adds a payments feature with a privacy-focused
cryptocurrency
Author : josh2600
Score : 166 points
Date : 2021-04-06 16:23 UTC (6 hours ago)
(HTM) web link (www.wired.com)
(TXT) w3m dump (www.wired.com)
| gojomo wrote:
| Wow, a cryptocurrency that's _also_ dependent on Intel(tm)
| SGX(r)!
|
| What wonders will Intel's Signal subdivision offer next?
| ivoras wrote:
| Well, if any cryptocurrency is to gain really wide adoption, this
| is the way to go: integrate it into something a large number of
| people already use. And judging by what WeChat does, a chat
| client is an excellent choice - after all, money sending is a way
| of communicating something (an abstract form of "value" in this
| case).
|
| I only wish it were done differently - maybe we'll get answers to
| these questions:
|
| - Why not airdrop everyone a 100 pieces of whatever coin (or even
| just 1, assuming the coin can be subdivided into tiny bits)? I'm
| asking because I believe the value of this kind of coin usage
| will come from its daily users, not from exchanges, but that's a
| long game. Even if today it's worth 0, if the UX is good enough
| and it proves to be secure, people will start assigning value to
| it.
|
| - Why pick a cryptocurrency almost noone has heard of? For
| example, related to the above question, why not buy or mine a
| million Doge and gift every account a 1 doge (presented as 1
| thousand mili-doge)? People will start assigning (more) value to
| it sooner or later if it's easy to use. Feel free to substitute
| almost whatever instead of Doges (maybe something with PoS and
| give the users the warm fuzzies with apparent increase in value).
| ZoomZoomZoom wrote:
| Again, Signal shows there's some undercurrents going on
| constantly in the organization and bringing private and ethical
| messaging solution to the public is not the sole goal. Another
| affirmation for those who kept on recommending Matrix/GNU
| Jami/XMPP instead.
|
| At this point, if you really need this broad functionality Signal
| are aiming to provide, why not Status.im? At least their tech is
| cool.
| abstractbarista wrote:
| The proper choice would have been Monero.
| bluefox wrote:
| So Signal is now a payments app? Really? Installed Element and
| will be phasing Signal out of my life.
| josh2600 wrote:
| Hi!
|
| I'm the CEO of MobileCoin. If anyone has any questions please
| feel free to ask here. We've been working on this project for
| four years and it has been a labor of love. There's a lot of new
| technology here.
|
| We exist in a highly regulated space so it's possible some
| questions will require reaching out to lawyers to make sure we
| answer them in a way that's compliant so please don't feel
| offended if a response takes a while to come back.
|
| The best set of docs for how the whole thing fits together is our
| book "The Mechanics of MobileCoin"[0].
|
| We'll be around here and on our forums [1] to answer questions.
| Please also check out our foundation website[2]. The github[3] is
| also a lot of fun, especially the section on Fog[4].
|
| [0]https://github.com/UkoeHB/Mechanics-of-
| MobileCoin/blob/maste...
|
| [1]https://community.mobilecoin.foundation
|
| [2]https://mobilecoin.foundation
|
| [3]https://github.com/mobilecoinfoundation/mobilecoin
|
| [4]https://github.com/mobilecoinfoundation/fog
| bdcs wrote:
| The Oblivious RAM implementation is incredible
| fblp wrote:
| Hi Josh, thank you for taking questions. Can you speak to the
| financial distribution of coins/funds for the employees and
| foundation?
| tgsovlerkhgsel wrote:
| Assuming an attacker fully compromises SGX for machines under
| his physical control (e.g. can execute arbitrary code inside an
| attested enclave), what can the attacker do/what security
| properties of MobileCoin break?
|
| I know Moxie seems to put near-complete trust in SGX, but many
| security professionals don't.
| Forbo wrote:
| I tried going to https://buymobilecoin.com/ as referenced in
| https://www.mobilecoin.com/terms-of-sale.html but get a
| Cloudflare "Error 1020" page. What's up with that?
| josh2600 wrote:
| This occurs when you try to access it from a US-IP.
| deftnerd wrote:
| Cloudflare lets you create custom error pages [1]. I would
| recommend making one for any geo-restricted pages. The
| benefit is that you can emulate your site theme and have an
| opportunity to explain the reasoning for the geographic
| restrictions.
|
| [1] https://support.cloudflare.com/hc/en-
| us/articles/200172706-C...
| codethief wrote:
| Hi Josh, thanks for taking the time!
|
| My question, to both you and (especially) Moxie: Why do you
| trust Intel SGX so much (for Signal but now also MobileCoin)?
| Why are you not worried about vulnerabilities? As you're surely
| aware, even Matt Green who is/used to be(?) the biggest fan of
| Signal[0] is very concerned[1] about SGX. I don't question your
| intentions but the fact that Signal as an organization has
| stayed completely silent about this is... worrisome and at the
| very least taints your reputation of openness and
| trustworthiness. With MobileCoin now relying on it, too (more
| or less), this only seems to be getting worse.
|
| [0]:
| http://web.archive.org/web/20200201112751/https://signal.org...
|
| [1]: https://blog.cryptographyengineering.com/2020/07/10/a-few-
| th...
| mbesto wrote:
| Why does a decentralized communication system need a defi based
| payment system that has the requirement of a CEO to run it?
| josh2600 wrote:
| I don't run anything related to the protocol. The protocol
| governed by the MobileCoin Foundation, an independent board
| of directors. The foundation makes recommendations about how
| the network might behave, but ultimately it's up to the node
| operators to decide what code they run.
| mbesto wrote:
| So what organization are you the CEO of? Is it a for-profit
| entity? What is that entities relation to the protocol?
| hiq wrote:
| Hi, I still have to read the docs more thoroughly, but given
| that these HN threads die out quickly, I'd rather ask now that
| I have the chance, so forgive me if some of these are answered
| in the docs:
|
| 1. how does MobileCoin make money?
|
| 2. how many coins do you / does MobileCoin own?
|
| 3. related to that, are there mechanisms in place to prove that
| this is not a pump and dump? Or simply, how do I know it's not
| one and it's here for the long-term?
|
| 4. what's the threat model of the blockchain you're using? E.g.
| for Bitcoin, the chain is compromised once 51% of the hashing
| rate belongs to collaborative evil miners (as a rough
| approximation). What about MobileCoin? When would something bad
| happen? How is it prevented?
|
| 5. how does MobileCoin compare with privacy-oriented
| cryptocurrencies such as Monero?
|
| P.S.: you might wanna add a F.A.Q. section somewhere for the
| questions I've mentioned and the others in this HN thread,
| right now we either have to blindly trust the claims on
| https://www.mobilecoin.com/ or going through the 133 pages of
| https://github.com/UkoeHB/Mechanics-of-MobileCoin, there should
| be some intermediate tech documentation (or does it exist
| already?)
| PragmaticPulp wrote:
| > 1. how does MobileCoin make money?
|
| MobileCoin pre-mined the coins and is selling them to users.
| According to other comments, they hold 85% of the coins.
|
| The CEO is commenting in this thread with a link to buy the
| coins. They make money by selling these coins.
| qqii wrote:
| Thanks for answering questions, it's nice to see that
| MobileCoin shares so many similarities with Monero with changes
| that seems to make decent tradeoffs for usability. I have a few
| questions:
|
| What is the identity and distribution behind the current
| mobilecoin nodes? What are the requirements for running a node?
| Since there is no node rewards how will nodes funded in the
| long term (10+ years)?
|
| Does mobilecoin employ something similar to Dandelion++? What
| prevents nodes or those running fog from performing timing
| based attacks? Is mobilecoin suseptable to any other attacks
| (e.g. Poisoned output, subaddress association)?
|
| How will the mobilecoin foundation and continued development be
| funded in the long term (10+ years)?
|
| If SGX is found to be vulnerable/no longer fit for purpose is
| there a mitigation plan?
| CynicusRex wrote:
| Can late MobileCoin adopters buy the same amount of coin for
| the same price as early adopters or is it a multi-level
| marketing pyramid scheme like the rest of the crypto"currency"
| greed and spam inducing cesspool?
|
| https://www.cynicusrex.com/file/cryptocultscience.html
| troquerre wrote:
| MobileCoin is already liquid on multiple exchanges so the
| coins would just be purchased at whatever the market price
| is. It also doesn't make sense for late adopters to get the
| same price because there's a lot more risk associated with
| being an early adopter than a late adopter. This works both
| ways -- if something bad happens to MobileCoin that tanks the
| price late adopters would be able to buy at a cheaper price
| because the new information gets priced in.
| CynicusRex wrote:
| >"It also doesn't make sense for late adopters to get the
| same price because there's a lot more risk associated with
| being an early adopter than a late adopter."
|
| Often repeated but false. Early adopters mine or buy large
| proportions at negligible prices while late adopters mine
| or buy negligible proportions at large prices.
| gsich wrote:
| There is no guarantee that there will be late adopters.
| So yes, there is risk.
| femiagbabiaka wrote:
| Random fact I found interesting: The Long Now Foundation is one
| of the featured funders behind MobileCoin.
| edsimpson wrote:
| MobileCoin looks fantastic! Seems to solve the major pain points
| of Bitcoin: fast transactions, low transaction fees, private and
| no massive environmental impact with mining. Any ETA on when this
| will come to the USA?
| hhjj wrote:
| Looks like it depends on SGX, so basically delegates trust to
| Intel. Bitcoin doesn't depend on trusting anyone.
| crystaln wrote:
| SGX is only used for an extra layer of privacy, beyond what
| any other currency offers. SGX is not used for the security
| of the currency. This criticism has been answered countless
| times.
| sudosysgen wrote:
| Many cryptos offer forward secrecy and completely opaque
| ledgers without any reliance on SGX.
| hhjj wrote:
| Why does the FAQ 2. say i have to run consensus-service
| with intel SGX to participate with other validation nodes ?
| Doesn't that imply the consensus is dependent on SGX ?
| alexmingoia wrote:
| You have to put the keys _somewhere_.
|
| Storing keys in SGX and using attestation to ensure only
| valid nodes access them is significantly more secure than not
| using the SGX.
|
| Using SGX gives a Signal user's phone the same level of
| security as using a hardware wallet like Ledger Nano.
| orph wrote:
| Keys are not stored in SGX. Keys never leave the phone.
| alexmingoia wrote:
| Can you provide more detail?
|
| _"Running MobileCoin in an SGX enclave allows nodes to
| securely manage keys for users. A client can perform
| remote attestation to its MobileCoin node before
| transmitting its keys into the remote enclave along with
| a short recovery PIN. The MobileCoin node can then rate
| limit authenticated access to the keys, while the enclave
| prevents the node operator or anyone who compromises the
| node from circumventing the software and attempting to
| brute force access to the keys directly. In this way,
| user keys can reside safely in a node and survive across
| application reinstalls or lost devices, without having to
| trust the node operator or the security of the node
| computer, and without having to memorize or safely store
| extremely long recovery passphrases."_
|
| https://mixin.one/assets/MobileCoin-Whitepaper-
| EN_FINAL.pdf
| [deleted]
| orph wrote:
| See #5 for more details:
| https://github.com/mobilecoinfoundation/mobilecoin#faq
|
| > 5. Will I need to put my keys on a remote server to
| scan the blockchain for incoming transactions?
|
| > Keys will never leave your mobile device. This is a
| challenging problem and we are very excited to share our
| solution when we release our mobile SDK software.
| bigiain wrote:
| Ahh, right. Nice. So keys never leave the phone due to
| magical hand waving. Got it.
| maclured wrote:
| MobileCoin isn't the only fast privacy coin in town - particl
| has most of the same features if not more, including a private
| ebay-style marketplace which should be ready for prime time in
| just over a month (all being well). And you can buy it on US
| exchanges today.
|
| [1] particl.io
| RL_Quine wrote:
| How much did MobileCoin pay for inclusion in Signal?
| BlueMatt wrote:
| According to coinmarketcap, MobileCoin's "Fully Diluted Market
| Cap is $15,638,578,369.65". If we take a conservative
| assumption of a 1% advisor grant (which would be very
| conservative for a system that has been pitching signal
| integration as its primary feature for years), then that would
| put the value of the integration at around $150 million today
| (or tens of millions a few weeks ago).
| 13rac1 wrote:
| https://www.wired.com/story/mobilecoin-cryptocurrency/ It is
| Moxie's, the creator of Signal, pet crypto project.
| josh2600 wrote:
| MobileCoin has not yet paid Signal anything for integrating
| MobileCoin. We intend to donate a great deal of money to Signal
| over the coming years.
|
| We believe in Signal's mission and we think that the world is a
| better place with Signal in it.
| RL_Quine wrote:
| Moxie Marlinspike is listed as an advisor for MobileCoin, was
| this not a paid position?
| josh2600 wrote:
| Moxie != Signal.
|
| Moxie, as an individual, is a paid technical advisor to
| MobileCoin but the reality is that we could never pay Moxie
| what his time is worth. I am thankful that he has chosen to
| help make this project a reality.
| fourstar wrote:
| >Moxie creates Signal
|
| >Moxie advises MobileCoin
|
| >MobileCoin gets integrated into Signal
|
| Hm, yes, must just be one large coincidence that this
| "integration" happened.
| pixxel wrote:
| And a reason surfaced to continue to connect users to
| their phone numbers...
|
| >>The UK also has receiver verification. If I try to send
| to an account and it doesn't match the name I'm sending
| to, my bank will warn me. How do you stop impersonation?
|
| A: Signal relies on phone numbers for identities. Other
| apps that integrate MobileCoin may have a higher
| threshold for identification.
| slenk wrote:
| Unfortunately, Moxie is Signal because he won't let
| anyone else (open-source clients) connect to the Signal
| servers OR run their own.
| lrvick wrote:
| Signal is entirely centralized and Moxie runs the
| organization.
|
| For all intents and purposes Moxie is 100% in control of
| the Signal network and could shut it down or release a
| malicious update that plaintexts messages at any time.
| BlueMatt wrote:
| The revelations from the Platformer article [1] about how
| Signal works inside make it pretty clear that Moxie ~=
| Signal.
|
| [1] https://www.platformer.news/p/-the-battle-inside-
| signal
| aaaxyz wrote:
| That is just sad.
|
| I've been a longtime signal user (since the
| textsecure/redphone days). I've always given moxie a pass
| on his controversial decisions (no federalisation, no 3rd
| party clients, no fdroid repo, relying on Google play
| services, being slow to release serverside source code)
| because the team was small and obviously had to cut
| corners somewhere.
|
| But learning that they spent their time adding support
| for a (premined?) cryptocurrency just because it's
| Moxie's pet project is disheartening. What are the odds
| that this would've been merged into the project if it had
| been a merge request opened by someone from the outside?
| vitno wrote:
| I am incredibly disappointed in the Signal team. I don't want
| cryptocurrencies (or even any payments!) in my primary text app.
| Crypto/blockchain is fine, but if I want to use it I'll download
| a different app.
|
| I'm finding this announcement creates some uncertainty in my head
| about Signal's long-term future.
| fastball wrote:
| How did you want Signal to monetize?
| lrvick wrote:
| Maybe like Matrix did?
|
| Sell turn key servers for people that lack the time or
| interest to run their own.
|
| Federated and ethical.
| [deleted]
| fastball wrote:
| Yep, that is one option, though that doesn't seem like the
| route Moxie wants to take from what I've seen. He seems to
| think that you need a cohesive centralized platform if you
| want to be competitive (2016)[1].
|
| At this point if you want federated it probably makes more
| sense to just use Matrix.
|
| [1] https://signal.org/blog/the-ecosystem-is-moving/
| RL_Quine wrote:
| > _Signal Foundation is a 501c3 nonprofit. We're proud of
| that designation and we're out to prove that a nonprofit can
| innovate and scale as well as any business driven by a profit
| motive._
|
| https://signalfoundation.org/
| fastball wrote:
| Unsurprisingly money is still needed to pay for development
| and hosting costs, and Brian Acton's loan won't last
| forever.
| vitno wrote:
| This explicitly doesn't monetize Signal so this line of
| argument isn't particularly relevant.
| TameAntelope wrote:
| There seems to be a very large amount of outstanding coin
| that the founders just happen to control...
| lvs wrote:
| Why this particular coin that nobody uses? This seems weird. Is
| this a monetisation scheme we should be worried about?
| fourstar wrote:
| IMO Signal/Moxie "advises" this project, so to me this seems
| like their way of cashing out (I'm assuming they hold the
| majority of coins), given that Signal itself is a not-for-
| profit organization. At least that's what I'd do if I were
| Moxie.
| tradertef wrote:
| They hold majority..
|
| Geee 1 hour ago | unvote [-]
|
| There are 250 million units of mobilecoin, and majority of
| them are owned by the founders. Only 37.5 million have been
| distributed. With current price ($65), they're worth $14B
| already. This makes the project a scam and impossible for it
| to work as a reliable money that holds value. Bitcoin had no
| pre-mine and has been fairly distributed from the start.
| rOOb85 wrote:
| I haven't seen any sources to back that up. Just that one
| comment claiming those facts.
| bilal4hmed wrote:
| With Signal not releasing their server code and now this, I
| regret using and asking a good chunk of my base to move to
| Signal.
| adamsvystun wrote:
| This is not entirely true. There has been a delay (11 month) in
| the sync of the server code with a public GitHub repo.
| Currently all commits are there:
| https://github.com/signalapp/Signal-Server/commits/master
| ciconia wrote:
| My thoughts exactly. This makes a very bad impression.
| codethief wrote:
| I haven't made up my mind regarding the payments feature yet
| but yeah, what's up with the server code? Why hasn't it been
| updated in over a year?[0]
|
| Also, why do the Signal developers trust SGX so much and have
| stayed completely silent about SGX vulnerabilities - even when
| the cryptographers whose quotes they used to put on the
| signal.org home page[1] are increasingly critical?[2]
|
| Finally, why is there no open communication about major events
| like the Signal PIN UI fuckup last year or the server issues
| earlier this year? Foundation or not, if no communication is
| happening and they're not demonstrating that they're capable of
| openly admitting mistakes and learning, they're not gaining the
| trust of anyone.
|
| Don't get me wrong, I've been a die-hard fan of Signal since
| the early TextSecure days and have convinced > 100 people to
| switch but I'm starting to have a bad aftertaste and some of my
| friends (equally big Signal fans) are, too.
|
| EDIT: Looks like the Signal server repo[3] was updated _today_
| , as this article[4] (in German) attests to. I had last checked
| the repo this past weekend. I suppose the repo hadn't been
| updated to keep the MobileCoin thing secret but I do wonder:
| Why not simply create a private branch instead of risking one's
| reputation for openness?
|
| [0]:
| http://web.archive.org/web/20210311053716/https://github.com...
|
| [1]:
| http://web.archive.org/web/20200201112751/https://signal.org...
|
| [2]: https://blog.cryptographyengineering.com/2020/07/10/a-few-
| th...
|
| [3]: https://github.com/signalapp/Signal-Server
|
| [4]: https://www.golem.de/news/crypto-messenger-signal-server-
| nic...
| [deleted]
| hlieberman wrote:
| Why not use GNU Taler, if you insist on integrating a irrelevant
| payment mechanism?
| alexnewman wrote:
| What's that?
| viro wrote:
| I can't upvote this enough.
| remirk wrote:
| Their website is pretty good and answers your question better
| than I could: https://taler.net/en/principles.html
| summm wrote:
| Because GNU Taler wouldn't allow them to get rich quick.
| olah_1 wrote:
| GNU Taler would have been far _more_ relevant because it is a
| generic payment processing service and not tied to any specific
| coin.
| [deleted]
| raspyberr wrote:
| Super sad that they didn't choose Monero.
| AfouToPatisa wrote:
| Multiple reasons why MOB over monero but I will state only the
| most practical one, using the stellar consensus a tx takes
| 3-5sec. With monero that's more like 1-2mins if Im not mistaken
| which is a big no-no for the usecase of instant mobile private
| payments. Fees are also super low w/ mob (0.01)
|
| TLDR: UX
| selsta wrote:
| XMR transaction can show up instantly once they are in the
| mempool, a user does not have to wait for a confirmation to
| see a transaction. Obviously there are uses where you want to
| wait for confirmations, but for the use case of sending money
| to friends it isn't necessary.
|
| Fees are also in a similar range (0.01).
| olah_1 wrote:
| It is. Monero community seems to have made so many choices that
| prove it is dedicated to the "digital cash" use case (dynamic
| block sizes, constant tail emission, etc).
| dethos wrote:
| The tech behind this new "coin" they are using seems to be
| based on Monero. Even their book [1] says the following:
|
| > 'Mechanics of MobileCoin: First Edition' is an adaptation of
| 'Zero to Monero: Second Edition', published in April 2020.
|
| [1] https://github.com/UkoeHB/Mechanics-of-
| MobileCoin/blob/maste...
| matheusmoreira wrote:
| That was my first thought as well. Why didn't they pick Monero?
| I don't see how any other coin could be better.
| PragmaticPulp wrote:
| Using an established cryptocurrency doesn't provide a good
| way for them to profit.
|
| MobileCoin is pre-mined and the majority of coins are held by
| founders and the MobileCoin organization. They want to sell
| you coins, so partnering with Signal to force you to buy
| their coins to transact on the app gives them a revenue
| stream.
|
| If they simply added Monero, they wouldn't be able to sell
| you coins.
| wjntzf wrote:
| No near-instant confirmation, maybe. At first glance not a
| big problem for users, but can run you into a lot of problems
| justupvoting wrote:
| Only thing I can think of off the top of my head is optics
| (most of the installed userbase for signal has probably only
| ever heard of monero in a negative light).
| txr wrote:
| I'm not sure this solves any problem users have. Due to the
| nature of Signal requiring the phone number of the counter part
| to be in the phone book this feature will mostly be usable with
| friends or people you know directly. A feature which some users
| might want is to easily send money to a friend. These transfers
| will therefor be inherently be based on the countries currency.
| I'm not sure people will accept a cryptocurrency which value
| fluctuates in relation to the normal currency.
|
| For other uses cases they can use a cryptocurrency directly (even
| MobileCoin) from another app. I can understand that
| cryptocurrencies are very interesting from a technical and
| cryptographic point of view. But in their current state most of
| them a more for speculation and doing state of the art computer
| science.
|
| Therefore I think this totally useless in the signal app.
| tradertef wrote:
| This is really really sad. It removed all my trust in Signal.
| EGreg wrote:
| https://community.intercoin.org/t/signal-another-centralized...
| dash2 wrote:
| I don't know if crypto is good or bad, but I can't imagine this
| feature driving Signal uptake. It would be better to focus on
| allowing ordinary payments in GBP via Signal. Even if the
| payments themselves weren't private, the messages still would be.
| mikeiz404 wrote:
| For those wondering about volatility...
|
| > MobileCoin also remains even more volatile than older
| cryptocurrencies, with constant price swings that will
| significantly change the balances in a user's Signal wallet over
| the course of days or even hours--hardly the sort of issue that
| Venmo users have to deal with. (Since March 27, MobileCoin's
| value has shot up nearly 600 percent, possibly due to rumors of
| the impending Signal integration or possibly the result of a
| "short-squeeze.")
|
| > To try to tame that volatility problem, Marlinspike and
| Goldbard say they imagine adding a feature in the future that
| will automatically exchange users' payments in dollars or another
| more stable currency for MobileCoin only when they make a
| payment, and then exchange it back on the recipient's side--
| though it's not yet clear if those trades could be made without
| leaving a trail that might identify the user. "There's a world
| where maybe when you receive money, it can optionally just
| automatically settle into a pegged thing," Marlinspike says. "And
| then when you send money it converts back out."
|
| https://www.wired.com/story/signal-mobilecoin-payments-messa...
| wjntzf wrote:
| The project is brand-new, what do you expect? In any case, the
| end-game is to use MOB for the transaction and instantly
| convert to fiat, so volatility would not be of concern to the
| end-user
| Jommi wrote:
| " the end game is to make the user buy a house, sell the
| house to the other user, and make that user sell the house
| into fiat, it's that simple!"
| Anon1096 wrote:
| Are there any tax implications of sending someone
| cryptocurrency that has appreciated? Say you owned 1 million in
| mobilecoin a month ago that is now 6 million, can you just send
| it to someone and avoid the capital gains tax? And if not, do
| apps like Signal have to report these earnings on transfer from
| mobilecoin to USD? (since signal plans to facilitate it in some
| way)
| nickthemagicman wrote:
| 1. MobileCoin premines 250m coins
|
| 2. Moxie gets paid for being on their advisory board
|
| 3. Moxie directs his non-profit to integrate MobileCoin in secret
|
| 4. MobileCoin offers 1/5 of their premine for sale.
|
| 5. Signal announcement spikes price to $60
|
| How accurate is this?
|
| via: https://twitter.com/lrvick/status/1379536536459431937
| codethief wrote:
| > 3. Moxie directs his non-profit to integrate MobileCoin in
| secret
|
| The fact that Moxie is collaborating with MobileCoin has been
| known for _years_.
| corobo wrote:
| oh here we go..
|
| I can't wait till we stop sprinkling bitcoin over everything. At
| least when we go back to ads we'll stop getting the spam from
| bots trying to claim their free $0.00003 in cryptocoin of the
| week
| mek wrote:
| I'd be super excited if this was about Monero :/
| qqii wrote:
| Not a very surprising choice given Signals current use of SGX and
| reliance on their centralised server. It's a bit of a shame as
| MobileCoin doesn't offer as strong guarentees as other privacy
| coins but I'm interested to see how they maintain privacy whilst
| peg the transacted value - I can't imagine how they wouldn't have
| to rely on an exchange for liquidity.
|
| SCRT network is a similar project that uses SGX but supports
| smart contacts so they could have a Maker like pegged token.
| seany wrote:
| What are the KYC requirements? I'm going to assume that it's
| none, since it's privacy focused
| rcMgD2BwE72F wrote:
| Does KYC apply to all transactions or only to purchase of
| currency?
|
| Because I can get bank notes from an ATM and pay anyone in cash
| without having an intermediary verify my identity when money
| changes hands.
| kasey_junk wrote:
| Not over certain spending limits you can't.
| seany wrote:
| In practice, sure you can. You have to be careful about
| getting it back into the normal banking system if you want
| to do that; but you aren't going to be raided by the secret
| service for handing someone 30k in a parking lot (something
| I have done before)
| yosito wrote:
| If even Signal is compromised, I'm debating just going back to
| WhatsApp for convenience and assuming that every message I send
| and every contact I have is fully public information that can be
| used by advertisers and governments to profile me.
| meowfly wrote:
| The comment from the article echos my own sentiments:
|
| > Speaking solely as a person who is really into encrypted
| messaging, it terrifies me that they're going to take this really
| clean story of an encrypted messenger and mix it up with the
| nightmare of laws and regulations and vulnerability that is
| cryptocurrency.
|
| Moreover, there are three other points I'd add:
|
| 1. I don't like "do everything" apps like WeChat or Line. One of
| Signals strengths was UX that focused on it's core competency.
| Early in Signal's development they would add privacy features.
| Lately they have been adding social features. This, however,
| feels especially out of left field and likely to hurt the UX.
|
| 2. This smells like dev resources will be spent building and
| maintaining something not related to messaging.
|
| 3. I've always had a "don't let perfect be the enemy of good"
| rationalization that gives Signal autonomy to grow a privacy
| centric messaging app despite the deficits (e.g lack of
| federation). In contrast, I personally associate "crypto" with
| "scam". There have been so many shady ICOs and pump-dump schemes
| around crypto. This will taint the product for those of us who
| don't think of crypto currency as being anything more than pump-
| and-dump schemes and a way to buy dab rigs online.
| takenpilot wrote:
| In a lot of ways, the transfer of cryptocurrency is the same as
| the transfer of generic messages.
|
| It's only when you're transferring them back to
| dollars/yuan/yen/etc. that it's suddenly currency from a
| government.
| gsich wrote:
| So how do I get the cryptocurrency in the first place?
| Especially Mobilecoin?
| guerrilla wrote:
| I'll tell you one way it's not, is as soon as someone commits
| a crime who happens to use Signal and the media gets ahold of
| this. It'll be a circus with terms like "dark webv and wha
| not thrown arohnd. GPs point #3 is kind of important for
| their reputation and if we want to onboard more people into
| crypto messaging.
| sequoia wrote:
| > Early in Signal's development they would add privacy
| features. Lately they have been adding social features.
|
| This is intentional and relates to Signal's growth in the past
| few years. It's not "a hacker tool for nerds" it's "a friendly,
| easy to use chat app with stickers & voice messages (also
| strong encryption)."
|
| IRC does one thing and does it well, and barely anyone uses it.
| The "clean technical vision" story isn't enough on its own.
| BlueTemplar wrote:
| Well, I guess that it can go both ways : you can have too
| many or not enough features...
| rapnie wrote:
| Amen to all your points. I find this really disappointing. The
| "yeah, but they are a non-profit so you can be assured they are
| good custodians of the product" no longer goes for me.
| guerrilla wrote:
| Yeah I agree. I wouldn't mind so much if this were a second app
| but this is kind of scary.
| qrbLPHiKpiux wrote:
| Is your backend open source, or not?
|
| Haven't seen the git updated in a while.
| brodo wrote:
| Effectively not anymore. Here is a very recent german article
| about it: https://www.golem.de/news/crypto-messenger-signal-
| server-nic...
|
| No updates in the repo for over a year and no answers from the
| team. The whole crypto currency thing is also a red flag for
| me. Matrix seems to be the better option by now...
| dunefox wrote:
| If anything, Threema is the best alternative.
| pmlnr wrote:
| No, it really is not. Matrix or XMPP.
| hiq wrote:
| Old news: https://github.com/signalapp/Signal-Server
| hiq wrote:
| Last commit 5 days ago: https://github.com/signalapp/Signal-
| Server
| olah_1 wrote:
| This is either the mandela effect (I know for a fact that the
| server was stuck on "April 2020" for at least 6 months), or
| Signal intentionally hid development and then revealed it all
| when they realized it was bad PR.
| codethief wrote:
| No, you're absolutely right. The repo had indeed been stuck
| on "April 2020". I last checked it two days ago.
|
| Wayback Machine for March 11: http://web.archive.org/web/20
| 210311053716/https://github.com...
| hiq wrote:
| No, they just pushed today. They presumably didn't want to
| talk about MobileCoin before it was ready.
| Forbo wrote:
| I saw that not too long ago myself. Purely speculation
| here, but perhaps they opted not to publish any commits
| until they had a chance to have their MobileCoin
| implementation audited? Just wish they had been more
| forthcoming about why they were not pushing commits.
| approxim8ion wrote:
| Them not allowing federation sucks, because I would absolutely
| use a client with this removed.
| RL_Quine wrote:
| On some level, they can't prevent you from just using the
| backend. Unfortunately just maintaining a fork with different
| branding is essentially a full time job, I used to do this so
| that I could use a work and personal number in two instances of
| the app but it was too much effort to be worthwhile.
| timwaagh wrote:
| I was concerned about how signal was monetising. They barely
| receive any scrutiny and people take them at their word too much
| because they are supposedly non commercial.
|
| This basically confirms my suspicions
| alexnewman wrote:
| I mined my first btc on a laptop when that was thing. It was so
| hi tech when it was launched. It seems like it's features are
| mostly gradual and around the edges.
|
| Mobilecoin feels hi tech
| drummer wrote:
| This is huge. Huuuuuuuuge. I haven't checked MobileCoin yet but
| hope it is as good with privacy as Signal but also decentralized.
| mLuby wrote:
| Is this bizarre feature actually some kind of warrant canary?
|
| I thought Signal was already financially secure.
| EMM_386 wrote:
| Mobilecoin was flat for long time at around $7 and then on March
| 28th started a dramatic rise to $66 today.
|
| There were rumors in late January that Signal was looking into
| Mobilecoin but that seems unrelated, and I'm not sure I buy a
| short-squeeze scenario as mentioned on Twitter.
|
| https://coinmarketcap.com/currencies/mobilecoin/
|
| https://twitter.com/classicmacro/status/1375868871509442562
| edent wrote:
| The UK already has faster payments in all major banks. I can send
| and receive money instantly from app or Web. Will yours be as
| fast as that?
|
| The UK has a problem with authorised push payment fraud. Banks
| can recover funds which have been sent as a result of phishing /
| fraud. How can I reverse a payment on your platform if it was
| fraudulent?
|
| The UK also has receiver verification. If I try to send to an
| account and it doesn't match the name I'm sending to, my bank
| will warn me. How do you stop impersonation?
|
| There's no cost to sending payments on most mainstream banks. How
| much do you charge?
|
| Most banks let the user block receiving payments from specific
| accounts. How do you stop harassers sending unwanted money?
|
| Thanks!
| leetcrew wrote:
| > How do you stop harassers sending unwanted money?
|
| idk, but this sounds like a great problem to have.
| frakkingcylons wrote:
| I wouldn't want to be barraged with messages from spammers
| because they're sending me $.0001
| Andrew_nenakhov wrote:
| Not really. Someone steals money, sends them to you, your are
| having lots of trouble proving you are not an accomplice. If
| you are a government official, you can be framed as receiving
| a bribe.
|
| In russia government can send your organisation money from
| abroad via an agent and then shut you down as a 'foreign
| agent'.
| Jtsummers wrote:
| > In russia government can send your organisation money
| from abroad via an agent and then shut you down as a
| 'foreign agent'.
|
| They could do this with traditional banking systems as
| well. Presumably the Russian government has a high degree
| of surveillance with regard to their domestic banks like
| every other nation in the world has. Creating a false
| financial trail is made slightly easier with crypto
| currencies, but for a nation state it's not hard to do with
| traditional banking systems.
| Andrew_nenakhov wrote:
| Creating a false trail is far more difficult than asking
| some scoundrel send 100 euro while vacationing in Italy
| or Spain. Also, for a FSB operative it is an opportunity
| to go to spain to 'supervise' the operation, lol.
| josh2600 wrote:
| >>The UK already has faster payments in all major banks. I can
| send and receive money instantly from app or Web. Will yours be
| as fast as that?
|
| A: MobileCoin is as fast (or faster in some cases) than a bank
| payment in the UK with greater privacy. As far as settling back
| to Fiat, if that's what you're asking about, the velocity of
| that depends on on-ramp and off-ramp integrations which will
| come over time (but it looks like there's no reason MobileCoin
| can't help developers deliver payments at the same speed as
| banks).
|
| >>The UK has a problem with authorised push payment fraud.
| Banks can recover funds which have been sent as a result of
| phishing / fraud. How can I reverse a payment on your platform
| if it was fraudulent?
|
| A: Payments on MobileCoin cannot be reversed at the protocol
| level. If you want escrow and reversibility, you should use a
| wallet or payment service that supports those primitives. We
| believe that developers will build such services on top of the
| foundation of the MobileCoin protocol.
|
| >>The UK also has receiver verification. If I try to send to an
| account and it doesn't match the name I'm sending to, my bank
| will warn me. How do you stop impersonation?
|
| A: Signal relies on phone numbers for identities. Other apps
| that integrate MobileCoin may have a higher threshold for
| identification.
|
| >>There's no cost to sending payments on most mainstream banks.
| How much do you charge?
|
| A: Fees are set by the foundation (which has a stated goal of
| keeping transaction fees to around $.04 when the network isn't
| congested). Currently fees are higher as they need to be
| adjusted by a foundation vote.
|
| >>Most banks let the user block receiving payments from
| specific accounts. How do you stop harassers sending unwanted
| money?
|
| A: Signal doesn't allow people you haven't keypaired with to
| send you funds. If you have accepted a message request from
| someone, they can send you money.
| hmsimha wrote:
| Heads up, it would be useful on HN if you were to disclose
| your affiliations / interests when posting, especially about
| something like a cryptocurrency you helped design.
|
| It gives readers a better sense of your ability to answer the
| questions accurately, in addition to letting people make
| assessments based on the potential conflict of interest.
|
| Also, responding here and inviting discussion on a technical
| level is possibly the best thing you can do for perception of
| Mob, because this is a forum where those questions are likely
| to get asked.
|
| Edit: I see you've done that in another post on this thread.
| Since we don't have anything like flair it would also help
| people who don't read the whole thread.
| josh2600 wrote:
| Yes, this originally was a child comment to the thread
| where I identified myself as the MobileCoin CEO. Dang
| merged two threads and this got separated from the top-
| level comment.
| hiq wrote:
| > Most banks let the user block receiving payments from
| specific accounts. How do you stop harassers sending unwanted
| money?
|
| First time I read about that, how does this work in practice? A
| person regularly sends you small amounts such that all you see
| is their name whenever you log into your bank account?
| dan-robertson wrote:
| This was my question too. I don't really understand why the
| U.K. was chosen as the initial market. At least in the U.S.
| people are used to venmo and suchlike being services they might
| use. My guess is that either the cryptocurrency people are
| based in the U.K. or that whoever is in charge is viewing the
| country as something like America but easier to get started
| (anglophone but smaller market for testing or easier
| regulations or less competition) however I don't think the U.K.
| is a good substitute for America in this case.
|
| The one venmo-like thing people _do_ use a lot in the U.K. is
| probably something like revolut for dealing with different
| currencies and international transfers (either for travel in
| Europe or for migrant workers sending earnings abroad for
| family or retirement). But a service that's only available in
| the U.K. isn't much use for that.
|
| I also personally don't really see the privacy use. I think I'm
| willing to give up a reasonably large amount of private
| information about the people on either side of a transaction if
| it is effective at reducing fraud and making transactions
| reversible.
| rvz wrote:
| So when Keybase added Stellar support for payments, this was met
| with lots of hostility and disappointment, such as 'cryptocoin
| bullshit' [0] or 'Yeah, I am not going to use any product
| associated with anything cryptocurrency. Just smells bad. [1]
|
| Now the same thing has happened on Signal; HN's favourite
| messaging app. So why is this met with warm welcoming arms
| especially when they are also going into cryptocurrencies?
|
| Maybe the HN sentiment back then was filled with those who missed
| the crypto bull-run of late 2017 and the same ones have missed it
| again last year.
|
| [0] https://news.ycombinator.com/item?id=16545092
|
| [1] https://news.ycombinator.com/item?id=16546963
| [deleted]
| rapnie wrote:
| No warm welcome by me.. on the lookout for something different
| again. Btw, for people using Keybase and considering an
| alternative, have a look at https://keyoxide.org .. project
| still young, but very promising plus they intend to only focus
| on the core features. No chat or other stuff mixed in.
| ornornor wrote:
| Maybe because people trust the signal project more than keybase
| (which sold out to zoom, of all companies)
| 627467 wrote:
| Would only make sense if keybase incorporating stellar
| occured after acquisition and not before (as it actually
| happened)
| leppr wrote:
| I think it's 2 factors.
|
| First, indeed the sentiment changed radically between now and
| then. For some reason, this subject has always attracted
| irrationality on HN. Back then any comment vaguely positive
| about cryptocurrencies would accumulate downvotes, now threads
| are full of clearly invested shills (you can see it in this
| very thread).
|
| Secondly and more specifically, Stellar, being a simple Ripple
| fork with an equally dubious token distribution, was a weird
| fit for Keybase.
|
| MobileCoin, while having some of the same downsides (federated,
| centralized token holders distribution) has a more interesting
| design, and is closer to the actual cryptocurrency/cypherpunk
| spirit thanks to its fully private transactions and balances.
| tych0 wrote:
| > So why is this met with warm welcoming arms especially when
| they are also going into cryptocurrencies?
|
| In the other thread it was not:
| https://news.ycombinator.com/item?id=26713953
| [deleted]
| yoavm wrote:
| I really wish Signal had stable voice and video calls before it
| added this blockchain thing.
| fastball wrote:
| My voice calls have been very stable. What kind of issues are
| you experiencing?
| yoavm wrote:
| They basically only work if I'm on a great Wifi and the other
| side is too. As long as the connection isn't perfect, the
| only way to continue the conversation is on Whatsapp (or
| Zoom).
| drummer wrote:
| I hope Signal opens up to worldwide payments soon. If anyone
| knows, some kind of roadmap would be nice to have.
| morsch wrote:
| Help Us Encourage Matrix Adoption
| otoburb wrote:
| Congratulations on the announcement.
|
| >> _Those outputs contain the entire original supply of
| MobileCoin (250 million MOB)_ [1]
|
| Is the entire supply of 250M MOB available for sale on FTX, or is
| only a restricted number of MOB tokens available for sale to UK
| residents? Is it fair to assume that the MobileCoin Foundation
| has no plans for an airdrop (unlike Stellar)?
|
| [1] "Mechanics of MobileCoin", v0.0.39, pg. 133
| josh2600 wrote:
| A majority of the supply of MobileCoins is available for
| purchase at https://www.buymobilecoin.com. We have many plans
| for how to help users get coins but none that we are prepared
| to disclose today beyond the aforementioned website.
| lrvick wrote:
| Down
| donclark wrote:
| So is this testing only available in the UK?
|
| If so, maybe make that more clear or prominent?
| Geee wrote:
| There are 250 million units of mobilecoin, and majority of them
| are owned by the founders. Only 37.5 million have been
| distributed. With current price ($65), they're worth $14B
| already. This makes the project a scam and impossible for it to
| work as a reliable money that holds value. Bitcoin had no pre-
| mine and has been fairly distributed from the start.
| PragmaticPulp wrote:
| The founding organization owns 85% of the total market cap of a
| coin? That should be raising red flags for everyone involved.
|
| There is no valid reason for the vast majority of what is
| supposedly a currency to be owned by the company that created
| it. Imagine if PayPal launched but required everyone to
| transact in fractional shares of PayPal to get anything done.
| Oh and by the way, those shares are majority owned by the
| founders, but they'll sell you some so you can send them to
| your friends.
|
| This is ridiculous.
| josh2600 wrote:
| The majority of the MobileCoins are available for purchase
| for non-us persons at https://www.buymobilecoin.com right
| now.
| PragmaticPulp wrote:
| Yes, we're well aware that you would love to sell us those
| coins you pre-mined.
|
| That's the problem.
|
| If Signal was serious about this they would have launched
| their own fork instead of pitching a pre-mined coin to
| their users.
| xur17 wrote:
| > If Signal was serious about this they would have
| launched their own fork instead of pitching a pre-mined
| coin to their users.
|
| Agreed. They either would have launched their own fork
| and distributed the vast majority to their users, or at
| the very least chosen an existing project that was fairly
| well distributed.
|
| This makes me believe they primarily did this in return
| for an incentive from Mobilecoin.
| otoburb wrote:
| The slashdot effect triggered Cloudflare's DDoS protection
| and is returning errors for that page.
| josh2600 wrote:
| No, this is just what happens when you try to hit the
| page from a US IP address.
| fblp wrote:
| There is only a "contact us" link on that page.
| rOOb85 wrote:
| Can you post your source for these claims?
| marcinzm wrote:
| Their own white paper (no longer hosted on their site it
| seems) says they created 250 million tokens and pre-sold 37.5
| million.
|
| https://mixin.one/assets/MobileCoin-Whitepaper-EN_FINAL.pdf
| josh2600 wrote:
| This whitepaper is not the whitepaper I wrote back in 2017.
| We took that down because it was ultimately not the design
| we implemented. The full system design can be found here:
| https://github.com/UkoeHB/Mechanics-of-
| MobileCoin/blob/maste....
| opheliate wrote:
| Fyi, while the whitepaper marcinzm links to may not be
| the design you implemented, it is the first result (for
| me, at least, in the UK) when googling "MobileCoin
| Whitepaper", while the Mechanics of MobileCoin repo
| doesn't appear at all.
|
| Just in terms of avoiding confusion, you might want to
| reach out to mixin.one to try to replace that document
| with one that clarifies that the design outlined there
| was not used? Or publicise the actual design a bit
| better? (I couldn't find a link to this repo on the
| MobileCoin website, which is why I searched for the
| whitepaper elsewhere in the first place).
| Geee wrote:
| It's in the whitepaper. There are 250 million coins in total,
| and 37.5 million were sold in the ICO. I couldn't find any
| information on further distribution or monetary policy, so I
| assume the founders still hold them.
| lottin wrote:
| Bitcoin rates worse than North Korea in terms of wealth
| distribution as measured by the Gini coefficient. [1]
|
| [1] https://blog.dshr.org/2018/10/gini-coefficients-of-
| cryptocur...
| modeless wrote:
| All calculations of this sort are fatally flawed because they
| assume all the coins in one address are owned by one person.
| That would be like calculating the US Gini coefficient
| assuming that all bank accounts are owned by the CEO of the
| bank.
| doggosphere wrote:
| A system which is 12 years old, of which many people have not
| heard about, don't understand, or may not even care to
| understand. In some countries its illegal to use. Most
| countries have unfriendly tax treatment (capital gains on
| your coffee purchase). Can't be paid in it. Can't yet pay
| your federal taxes in it. Uncertain if the government will
| one day ban it.
| thaumasiotes wrote:
| > Most countries have unfriendly tax treatment (capital
| gains on your coffee purchase).
|
| That's definitely unfriendly tax treatment. Is it different
| from the tax treatment that applies to national currencies?
| doggosphere wrote:
| Not sure in the US, but in Canada you don't need to
| report capital gain on foreign currencies if its under
| $200.
| orph wrote:
| Even UK-only release in Signal means more people with
| cryptocurrency wallets than all other cryptocurrencies
| combined.
| megameter wrote:
| It's roughly similar to Brave's userbase, though Brave is
| opt-in. Figures from 2020 put both in the low tens of
| millions.
| qertoip wrote:
| MobileCoin is not a cryptocurrency.
| otoburb wrote:
| The Wired article that the CEO of Mobilecoin is implicitly
| endorsing in this thread specifically categorizes
| Mobilecoin as a cryptocurrency. At least, it doesn't seem
| to be a distinction worth splitting hairs about (yet).
| admax88q wrote:
| Is the number of empty wallets of a cryptocurrency a useful
| metric in any way?
| mandelbrotwurst wrote:
| I would say yes, at least to the extent that owners are
| aware that they exist and potentially become more likely to
| use.
| MithrilTuxedo wrote:
| Agreed. I was half expecting this was going to be using Monero,
| one of the more popular privacy-oriented cryptocurrencies I
| know of that's already being used.
|
| E.g. the only cryptos I've seen people accepting on dark web
| markets are Bitcoin and Monero.
| akvadrako wrote:
| Monero is clearly the most practical secure coin as evidenced
| by it's popularity on the darknet. But I think what
| MobileCoin offers is speed.
| [deleted]
| [deleted]
| CynicusRex wrote:
| No "pre-mine" doesn't mean fairly distributed. Bitcoin is a
| multi-level marketing pyramid scheme as well. Early adopters
| mine or buy large proportions at negligible prices while late
| adopters mine or buy negligible proportions at large prices.
| olah_1 wrote:
| The gold and oil rushes weren't "fair" either. Fortune favors
| the bold, I guess. I was salty for a long time about bitcoin
| early buyers being filthy rich now. My saltiness clouded my
| vision of the real value there. Granted, I think there are
| better solutions than bitcoin now, but I respect it.
| anonporridge wrote:
| By this definition, every company stock is a multi-level
| marketing pyramid scheme.
|
| In fact, company stock is WAY worse, because the majority of
| people are legally prohibited from investing in private
| companies unless they're an accredited investor (already
| rich). So, only rich people (other than founders and early
| employees) are allowed to buy in at super low prices before
| handing off the bag to the public.
| PragmaticPulp wrote:
| This is incorrect. Stock represents actual ownership of a
| scarce resource (a company). That company would have value
| whether or not it was explicitly sold as a stock. The value
| doesn't come from the stock.
|
| Cryptocurrency removes the underlying asset and simply
| sells shares of artificial scarcity. It's only as valuable
| as what people decide to trade it at, because it doesn't
| represent ownership of anything other than itself.
| chrisco255 wrote:
| > This is incorrect. Stock represents actual ownership of
| a scarce resource (a company). That company would have
| value whether or not it was explicitly sold as a stock.
| The value doesn't come from the stock.
|
| Depending on the voting rights embedded in the share,
| your ownership is likely meaningless. It doesn't
| guarantee you rights to dividends necessarily and even if
| it does, the company can just choose to never issue a
| dividend (like Amazon). It doesn't necessarily grant you
| voting rights for the Board of Directors either. Worse,
| you have to go through a 3rd party broker to buy a share
| or trust a company like Robinhood to hold your shares for
| you. As we saw with GameStop, they can rug pull on you at
| any time. With decentralized cryptos like BTC & ETH, that
| can't happen from your own private wallet. You can always
| transact.
|
| Cryptos such as BTC & ETH are provably scarce, not
| artificially scarce. You can validate supply at any time
| by running your own node and joining the network. You
| don't need anyone's permission to do that. It's a public
| blockchain.
| fwip wrote:
| It's both provably scarce and artificially scarce.
| PragmaticPulp wrote:
| > your ownership is likely meaningless
|
| That's not true. The shares still represent a claim on
| the underlying company.
|
| If someone wants to acquire the company, they have to
| compensate you for the shares that you hold.
|
| Companies can't simply wave a magic wand and steal value
| from shareholders. There's more to stock ownership than
| voting rights.
| doggosphere wrote:
| _Stock represents actual ownership of a scarce resource
| (a company)._
|
| Is there a limit to how many shares a company can issue?
| No, a board can technically issue shares unto infinity.
| There is no guarantee of scarcity, no guarantee they will
| not raise more money.
|
| _That company would have value whether or not it was
| explicitly sold as a stock. The value doesn't come from
| the stock._
|
| So when a company has no profit but a high valuation, is
| this the market correctly discounting future predicted
| cashflows and giving a company fair value, or is it some
| sort of scam? Ex: Is NKLA actually a $5.2b electric
| vehicle company? How about the spade of Chinese IPOs that
| ended up being vaporware?
|
| _Cryptocurrency removes the underlying asset and simply
| sells shares of artificial scarcity._
|
| The scarcity isn't artificial. It's mathematically
| provable, open source and auditable. If you think you can
| manufacture "fake" btc on the blockchain, feel free to
| try. If you think you can successfully fork and create a
| whole new chain, you're also welcome to try.
|
| _It's only as valuable as what people decide to trade it
| at, because it doesn't represent ownership of anything
| other than itself._
|
| This is actually factual for anything in existence. A
| piece of bread. A $100m painting. You're starting to
| figure out what peculiar creatures humans are.
| PragmaticPulp wrote:
| > Is there a limit to how many shares a company can
| issue? No, a board can technically issue shares unto
| infinity. There is no guarantee of scarcity, no guarantee
| they will not raise more money.
|
| The scarce asset is _the company_ , not the shares. Yes,
| they can issue more shares, but those shares still
| represent the same company plus the new investment money
| raised by raising the shares. They're not creating more
| company out of thin air when they issue more shares.
|
| EDIT: To clarify some misconceptions in the comments
| below: When a company sells more shares into the market
| they are not simply diluting away existing shareholders.
| The keyword is that they are selling shares, meaning they
| take money in exchange for shares. The company's value
| increases by the amount of money they take in exchange
| for the sale.
|
| Example: If a company is worth $1,000,000 and has
| 1,000,000 shares outstanding, each share is worth $1. If
| the company decides to sell another 100,000 shares and
| the market buys them at $1/each, there are now 1,100,000
| shares outstanding and the company is now worth
| $1,100,000 because they took in $100,000 of cash via
| share sales. Existing shareholders have not lost any
| money or value.
| blackearl wrote:
| It doesn't matter if it represents the company because
| the thing that shareholders care about is how much $ each
| share represents. This is why a stock will tank when a
| company talks about diluting their existing shares by
| creating new shares out of thin air. What you're talking
| about would be more akin to a stock split.
| PragmaticPulp wrote:
| When a company sells more shares, they money they raise
| from selling those shares contributes to the value of the
| company.
|
| If a company sells 100,000 shares at a dollar each, the
| company is now worth $100,000 more because they now have
| another $100,000 on their balance sheet. No value is lost
| in this process.
|
| > This is why a stock will tank when a company talks
| about diluting their existing shares by creating new
| shares out of thin air.
|
| Companies can't just declare that more shares exist and
| dilute away shareholders like you said. They either issue
| them as stock based compensation, which is an expense, or
| they sell the shares to buyers, which means money goes
| toward their bottom line.
| blackearl wrote:
| Value is lost to existing shareholders who have the value
| of their shares diluted. Everything you're saying may
| seem logical, but economics is often illogical and any
| 1:1 $:stock sales still tank the share price.
| PragmaticPulp wrote:
| > Value is lost to existing shareholders who have the
| value of their shares diluted.
|
| You're confusing percentage dilution with absolute
| diluation.
|
| The shares represent the value of the company. The value
| of the company has increased by the amount of money
| raised. Each share represents a lower percentage of the
| company, but this is offset by the fact that the value of
| the company has increased _by the amount of money
| raised_. The shares have not been diluted on an
| _absolute_ value scale.
|
| Owning 10% of a company worth $1mm is the same value as
| owning 5% of a company worth $2mm.
|
| If you own 10% of a $1mm company that raises another $1mm
| by selling more shares, you now own 5% of a 2mm company.
| Your percentage ownership is diluted, but your value has
| not been stolen.
|
| This is basic pre- and post-investment math. Shareholders
| are diluted on a percentage basis, but not on an absolute
| basis.
| doggosphere wrote:
| Assuming all shares are equal in class, voting power is
| diluted.
| doggosphere wrote:
| OP was responding about stocks being just as much "multi
| level marketing" because you still need someone to sell
| the shares to, someone willing to pay more for it than
| you did. So it is actually irrelevant to scarcity or
| "intrinsic value".
| chrisco255 wrote:
| > but those shares still represent the same company plus
| the new investment money raised by raising the shares.
|
| No. Your shares were _diluted_ by the company issuing new
| shares. Now your 100 shares are worth half as much.
| Shares have predicted forward value embedded in their
| valuation. When you buy a share, you're betting that
| company will continue to grow. If it's having to raise
| money and issue new stock, odds are it's struggling with
| cash on hand. Maybe the bet will work out for you. Maybe
| not. Stocks are gambling, though, don't let yourself
| believe otherwise.
| PragmaticPulp wrote:
| > No. Your shares were _diluted_ by the company issuing
| new shares. Now your 100 shares are worth half as much.
|
| That's not correct. A company sells shares in exchange
| for cash. That cash is owned by the company, which is
| represented by the shares.
|
| Companies can't simply dilute away their shareholders
| like you're suggesting. The money raised by selling
| shares doesn't simply disappear.
| doggosphere wrote:
| I own 10% of a company. Several rounds later, I now own
| 2% of the company. It is possible the company is now
| valued higher or lower than what I got in at.
|
| Did I get diluted?
| CynicusRex wrote:
| The stock market being crooked doesn't mean bitcoin isn't
| crooked as well. I'm critical of both.
| bigiain wrote:
| > Bitcoin had no pre-mine
|
| /me glances at the great big pile of Satoshi coins...
| tradertef wrote:
| Thanks. Honestly, not surprising..
| [deleted]
| Forbo wrote:
| > For now it's listed for sale on just one cryptocurrency
| exchange
|
| I think the article might be inaccurate. According to this,
| there's at least four exchanges currently:
|
| https://www.coingecko.com/en/coins/mobilecoin#markets
| RL_Quine wrote:
| This is garbage, and shouldn't be part of Signal.
|
| Everything on the internet is being corrupted with adding
| cryptocurrency scams where they absolutely don't belong, it turns
| Signal from an obvious recommendation into something that makes
| me hesitate. There's something to be said for focusing on doing
| one thing well, and that doesn't mean turning a communication
| platform into a kitchen sink.
| josh2600 wrote:
| Hi,
|
| Before you label MobileCoin a scam, I would encourage you to
| take a look at the Github. I think you'll see that we've made a
| lot of very carefully considered choices on how to deliver a
| great payments experience without many of the compromises other
| cryptocurrencies have chosen. Of note, the speed of
| transactions, much greener energy design, privacy-protections,
| and mobile-first UX are differentiators. Many cryptocurrencies
| have some of these features, but I don't know of any other that
| has all of them.
|
| Believe me, I have a lot of feelings about how absurd
| cryptocurrency has become in the last decade. At its core, I
| still believe that there is something beautiful in
| decentralized ledgers and I think that this is the way that the
| world will settle debts over the next hundred years. Signal
| chose MobileCoin because nothing else met their performance and
| privacy standards. In order to meet those goals we wrote a lot
| of new technology that is fundamentally different from how
| other cryptocurrencies are architected today (check out our
| oblivious RAM implementation, for example:
| https://github.com/mobilecoinfoundation/fog).
|
| I love Signal and I started MobileCoin to help fund their work.
| For me, a world with Signal in it is a better place.
| RL_Quine wrote:
| > _Signal chose MobileCoin because nothing else met their
| performance and privacy standards._
|
| Signal has obvious financial connections to MobileCoin,
| something that frankly nobody else has ever heard of before
| today. I find it really difficult to believe that MobileCoin
| paying Moxie (which you've acknowledged), and Signal/Moxie
| happening to choose MobileCoin for inclusion in Signal when
| nobody wanted it was a coincidence. It's insulting to the
| intelligence of the reader to even make that claim.
|
| > _Before you label MobileCoin a scam, I would encourage you
| to take a look at the Github._
|
| What would that tell me?
| bdcs wrote:
| "Marlinspike notes, however, that neither he nor Signal own
| any MobileCoins." https://www.wired.com/story/signal-
| mobilecoin-payments-messa...
| RL_Quine wrote:
| > _" Moxie, as an individual, is a paid technical advisor
| to MobileCoin"_
|
| https://news.ycombinator.com/item?id=26715013
|
| This seems incompatible with the spirit of the quote in
| the article.
| hiq wrote:
| That's significant in this space, because it implies that
| he does not benefit directly[0] from speculation on MOB,
| and so has less incentives to get involved in a pump and
| dump.
|
| What I would still like to see for more transparency:
|
| - legal commitment from the Signal Foundation that no
| employee owns any MOB
|
| - disclosure of money transfers between MobileCoin and
| any Signal Foundation employee
|
| Maybe some of this information could already be extracted
| given the statuses of the entities involved?
|
| [0]: he benefits indirectly because if MobileCoin stays
| up, he'll probably stay as a technical advisor
| EMM_386 wrote:
| Are we talking about both Signals, or just the non-profit
| Foundation here?
|
| What about the LLC?
|
| https://en.wikipedia.org/wiki/Signal_Foundation
| maclured wrote:
| _Yet_. There are a couple of trivial ways they could end
| up with loads of coins and this statement could still be
| true as of the date of the quote.
| bjt2n3904 wrote:
| Yow, the damage control is quick on this one. Off the front
| page, too?
|
| I don't care about your cryptocurrency. I don't care about
| your cryptocurrency being offered in my messenger.
|
| Let me put it plain and simple. You bring nothing to the
| table for me but liability.
|
| Nothing. But. Liability.
|
| Signal's one and only feature is security. This feature is a
| joke, and devalues Signal.
| dang wrote:
| Your comment breaks several of the site guidelines. Please
| review https://news.ycombinator.com/newsguidelines.html and
| stick to the rules when posting here.
|
| The post went off HN's front page because it set off the
| flamewar detector.
| adamsvystun wrote:
| Hi Josh,
|
| The problem here is not that people think that MobileCoin is
| not a useful technology or is not innovative. From what you
| are describing it actually seems like a good combination of
| features that are particularly suited for the messaging use-
| case.
|
| The problem is in the way the coins were pre-mined. It seems
| (we don't really know from the outside) that the knowledge
| that Signal would be using MobileCoin has been known early
| on. With that knowledge it is very easy to make money by pre-
| mining coins. The proper analogy here is insider trading. It
| is immoral and that is why people are calling this a scam.
| selsta wrote:
| Why does the README mention CryptoNote when the project seems
| to be based on Monero + SCP?
|
| https://twitter.com/fluffypony/status/1379559273504641025
|
| I guess the whitepaper mentions it, but that isn't suprising
| considering koe wrote it.
| TheCraiggers wrote:
| Signal is competing against some big players in the messaging
| space, at least some of which have money transfers. As long as
| they abide by their principles and none of these features
| impact privacy, I don't see how it wouldn't be viewed as a win.
|
| A case could be made for it being bloat, but most consumers
| don't care, and for Signal (or any messaging app) to be
| successful, it needs to appeal to the common denominator.
|
| And frankly, if this means I can send money to a friend without
| Google getting yet more data about me, then even better.
| candiddevmike wrote:
| If you're that concerned about third party processors, most
| banks and credit unions provide their customers a way to send
| money between people fairly simply.
|
| Signal providing this functionality is scope creep.
| TheCraiggers wrote:
| Scope creep? Perhaps. But then so are voice calls, video
| calls, sending pictures, GIFs, etc. None of those things
| are core to the experience of sending "lol" to a friend.
| Despite the very correct statement that there already exist
| services which do those things.
|
| Yet, those features have almost become synonymous with
| messaging apps. The market and consumers seem to want these
| services combined, so here we are. My point was that
| sending money is a feature that more and more messaging
| services have. Hangouts (or whatever the hell it is called
| these days), Whatsapp, Telegram, etc.
|
| Personally, I would have liked it more if this wasn't tied
| to some no-name cryptocurrency, but oh well.
| candiddevmike wrote:
| > Scope creep? Perhaps. But then so are voice calls,
| video calls, sending pictures, GIFs, etc. None of those
| things are core to the experience of sending "lol" to a
| friend. Despite the very correct statement that there
| already exist services which do those things.
|
| I think those would all be considered in scope for a chat
| platform--theyre all various ways to share and
| communicate.
| RL_Quine wrote:
| Signal needs to be reliable, safe and have a low barrier of
| entry to achieve its goals of allowing widespread private
| communication. I thought that when I recommended that my peer
| group use it (at this point, all of my normal contacts use it
| extensively), I could trust that it would remain clearly
| focused on its mission- now I'll need to recommend it with a
| caveat to just click through the scam marketing, ICO offers
| and "airdrops".
| kf wrote:
| You're being really cynical in a way that doesn't reflect
| the reality of the situation. This doesn't entail scam
| marketing, ICO offers, and airdrops just because that's
| something that happens in a lot of the rest of
| cryptocurrency space.
| RL_Quine wrote:
| You missed the point. Even if Signal doesn't do the
| typical cryptocurrency scam behaviour, I now somehow need
| to try to explain to people why it is different to every
| other thing in the space that does act like that. On the
| face of it, if we assume that the inclusion of MobileCoin
| in Signal is completely benign, it's something that's
| never happened before.
|
| Smoking causes cancer, but smoking these specific
| cigarettes won't. Do you see the problem with trying to
| describe such an absurd situation to somebody?
| [deleted]
| hiq wrote:
| > You missed the point.
|
| You're making a different point now though, you're saying
| that people will associate it with scams which will hurt
| adoption. You initially wrote that the UX would be so bad
| that you'd have to convince users to bear with it anyway.
|
| I don't know how they implemented it on the client side,
| but it's possible they kept it light, as they've been
| doing since the beginning. We'll see soon enough.
|
| In terms of reputation, this is a long-term battle.
| Signal used to be quite unreliable in a lot of aspects,
| and hurt adoption. Now it's much better, making the
| migration from other messengers way smoother. If they're
| able to implement safe, private and convenient payments,
| that's one feature other messengers won't have to lure
| users away from signal.
| codethief wrote:
| > You initially wrote that the UX would be so bad that
| you'd have to convince users to bear with it anyway. I
| don't know how they implemented it on the client side,
| but it's possible they kept it light, as they've been
| doing since the beginning. We'll see soon enough.
|
| I think you're confusing UI and UX. Yes, the UI could be
| kept light but the user _experience_ can still be
| confusing because a payments feature is... surprising.
| Why would a messaging app come with a payments feature if
| not to make money and exploit the user?
|
| Not saying that this is happening here but this is what
| people _think_ , i.e. the emotional _experience_.
| hiq wrote:
| OP wrote:
|
| > just click through the scam marketing, ICO offers and
| "airdrops"
|
| That's what I meant by UX.
|
| > user experience can still be confusing because a
| payments feature is... surprising
|
| Everything new is "surprising", that's a low bar. Chat
| apps in China have had this feature for years now, and
| it's also a feature in WhatsApp, a direct Signal
| competitor.
| devwastaken wrote:
| If they didn't use some random 'coin' no one has heard of I'd
| be on board. They're trying to compete in a bad way. They
| should simply just use Stripe and be done with it. People want
| an alternative to facebook messaging and PayPal. They don't
| want superfluous cryptos.
| RL_Quine wrote:
| Moxie Marlinspike is listed as an advisor of MobileCoin, so
| there's some obvious financial connections between the two.
| RL_Quine wrote:
| _" Moxie, as an individual, is a paid technical advisor to
| MobileCoin"_
| hiq wrote:
| I think the end-goal is to provide privacy guarantees you
| will never have with Stripe or other traditional payment
| processors.
| sudosysgen wrote:
| You can't trust an app that is distributed through the
| Google Play Store as a wallet with any kind of privacy
| guarantee.
| EMM_386 wrote:
| > If they didn't use some random 'coin' no one has heard of
| I'd be on board.
|
| The founder of Signal actually created MobileCoin.
|
| https://www.wired.com/story/mobilecoin-cryptocurrency/
| immy wrote:
| Signal was a random 'messenger' at one point too. They needed
| a fast (in seconds) private way to send money. There wasn't
| one. Until now.
| CodeGlitch wrote:
| With all due respect your comment seems to be coming from an
| extremely privileged position. In many parts of the world,
| people do not have the luxury of basic banking, where storing
| and sending money is fraught with risk due to corruption and a
| lack of infrastructure. Take a look at M-PESA [1] for a "last-
| gen" solution using SMS.
|
| I think what Signal is doing with MOB is pretty important work
| for many non-western countries, and I wish them all the best.
|
| [1] https://en.wikipedia.org/wiki/M-Pesa
| sudosysgen wrote:
| This is a very privileged position.
|
| Cryptocurrencies don't solve third world banking, at all. You
| still get paid in fiat, which you then have to convert to
| crypto (using a bank), and you will never be able to have
| most people get paid in crypto because then the government
| can't get taxes reliably (thus they will ban it).
| dan-robertson wrote:
| Crypto currencies don't really solve the problems with a lack
| of banking infrastructure. Usually people need some way to
| get actual physical cash (remember, we're talking about
| places where people don't really have access to modern
| banking systems, not places where most people have bank
| accounts and credit cards) in and out of the system. It's a
| nice idea if everything magically happens in your digital
| system but I don't think that can happen without a credible
| way to bootstrap it involving lots of moving physical cash
| first. I don't think it's credible to hope for third party
| exchanges or tiny local businesses to provide these services,
| and I also don't think it is credible to expect people living
| in these underdeveloped places to take on the risk of price
| volatility in some random cryptocurrency.
| ncmncm wrote:
| Agree. It would be OK to make Signal able to integrate payment
| systems and make this thing compatible with that or with any
| other comm that implements the interface. Tying them together
| is pernicious.
|
| Anyway Signal is itself pernicious by being tied to a phone
| number and to Google Play services, and by being very choosy
| about who gets ports.
|
| I had high hopes for Matrix, once they got E2EE, but they have
| flubbed that by requiring a very heavyweight bounce server that
| won't fit on (e.g.) your typical home router or super-cheap
| cloud VM. Matrix should enable a place to keep your message
| archive independent of the bounce server, and allow gatewaying
| a non-public storage service via the lightweight bounce
| service.
|
| But Element.io's business model is tied to heavy-weight bounce
| service.
| RL_Quine wrote:
| Mastodon, Matrix and others suffer that issue greatly. You
| can't really run single-user instances without running a
| gigantic installation, when a minimal implementation of their
| protocols should have no footprint to speak of.
| lrvick wrote:
| Dendrite is that minimal implementation to make single user
| instances cheap.
| summm wrote:
| Yes, at some time in the future, but it is not usable
| yet.
| remirk wrote:
| That was the case a few years ago. Matrix' server software
| has improved a lot since then. It doesn't use much
| resources anymore. Though there still is a large CPU spike
| when I join a really large room (500+ users) for the first
| time.
| Arathorn wrote:
| speaking as CEO of Element, our business model is _really_
| not tied to Synapse being heavyweight at all - just the
| opposite. We provide Synapse hosting starting at $2
| /user/month, and so it's critical that running a server
| (including sysadmin) costs us as little as possible in order
| to be above water. We're not competing against self-hosters,
| but catering to folks who aren't sysadmins and so want us to
| host for them.
|
| And as others have said, Synapse really isn't that
| heavyweight these days (thanks in part to the performance
| improvements driven by Element!)
| lrvick wrote:
| Have you seen matrix p2p?
|
| Also anyone can run their own servers, and Dendrite can run
| on very modest hardware like a Raspi.
| ncmncm wrote:
| Thank you, Dendrite is listed as "beta", and appears to
| require Postgres?
| bilal4hmed wrote:
| Here is some info
| https://matrix.org/blog/2020/10/08/dendrite-is-entering-
| beta
| miloignis wrote:
| Just as a quick note, I run Synapse (the heavyweight server,
| not Dendrite the light-weight one!) for myself and a few
| friends on a modest 1GB of RAM VPS with a few bridges and
| have no problems. Looking forward to Dendrite getting
| feature-parity and swapping over to be even lighter.
| codethief wrote:
| > Anyway Signal is itself pernicious by being tied to a phone
| number and to Google Play services
|
| It's not tied to Google Play Services, you can download a
| standalone version from signal.org. As for phone numbers, the
| developers have been working on getting rid of them for a
| while now - there's already a good amount of code on GitHub.
| dang wrote:
| " _Please don 't post shallow dismissals, especially of other
| people's work. A good critical comment teaches us something._"
|
| " _When disagreeing, please reply to the argument instead of
| calling names. 'That is idiotic; 1 + 1 is 2, not 3' can be
| shortened to '1 + 1 is 2, not 3._'"
|
| https://news.ycombinator.com/newsguidelines.html
| centimeter wrote:
| If they weren't using this as an opportunity to pump some
| shitcoin, this might make sense. Bitcoin Lightning integration
| would be much less suspect, for example, because A) it's
| already well established B) they're not going to make a quick
| buck off it.
| mikeyla85 wrote:
| Lightning doesn't have privacy and Signal needs privacy.
| leifg wrote:
| What's the consensus function you use on the mobile coin
| blockchain. Couldn't see if it's proof of work or proof of stake.
| josh2600 wrote:
| We use a modified version of the Stellar Consensus Protocol
| that we reimplemented from scratch using Rust.
|
| https://github.com/UkoeHB/Mechanics-of-MobileCoin/blob/maste...
| << Page 81 is where you want to go.
| eMGm4D0zgUAVXc7 wrote:
| So this does seem to use some voting mechanism instead of
| scarcity through PoW.
|
| How do you prevent the sybil attack then if there is no
| scarcity?
|
| I.e. what prevents an individual from spinning up 10 million
| nodes to get more voting power?
| josh2600 wrote:
| Stellar is essentially a liquid democracy system similar to
| DNS. The core proof at the heart of David Mazieres paper is
| that in a densely interwoven graph, any set of nodes in a
| quorum slice reaching consensus _is_ graph consensus.
| Regarding Sybil, nodes define their own trust
| relationships, so membership is open but not automatic.
| [deleted]
| eMGm4D0zgUAVXc7 wrote:
| > Regarding Sybil, nodes define their own trust
| relationships, so membership is open but not automatic.
|
| Thanks for clarifying!
|
| So you're expecting people to
|
| - manually add peers to be able to use the network.
|
| - manually monitor the said peers for if they do
| malicious transactions, and manually ban them if yes.
|
| Right?
|
| How is this supposed to work considering that:
|
| - most users won't care about manually adding peers.
| They'll just add EVERYONE who offers to be added so they
| can be done with it and use the system.
|
| - most users probably won't even understand what a
| malicious transaction is in the first place.
|
| - the few who do will for sure not have the time to
| monitor a network which does dozens or in the future even
| thousands of transactions per second.
|
| This seems just humanly impossible, there's by no means
| sufficient human time available to manually monitor a P2P
| network's content if the said content is super boring and
| complex.
|
| If it were a distributed social network you could expect
| people to e.g. manually flag spam because using a social
| network _implies_ reading the posts contained in it.
|
| But manually reviewing money which strangers send to each
| other is boring as hell, who will do this?
| crazypython wrote:
| How does Stellar Consensus prevent double-spends?
|
| Imagine I have a private key to an address with 10 coins.
| Imagine I spend the same amount of money (10 coins) on Mars
| and Earth at the same time. There is a 10-lightminute gap
| between Mars and Earth. Assume Mars and Earth have a similar
| number of Stellar nodes. What happens in Stellar Consensus?
| josh2600 wrote:
| Stellar actually does nothing to prevent double-spends as
| it is the consensus layer and not the ledger. The ledger
| prevents double spends in mobilecoin by using a proof
| called a "key image" which is part of CryptoNote
| (https://bytecoin.org/old/whitepaper.pdf). Essentially, a
| ring signature is produced by the user which says "one of
| these N transactions belong to me" and the key image proves
| that one of the members of the set is a valid transaction
| without revealing which transaction was valid (and
| preventing future reuse of the valid input).
| fourstar wrote:
| So essentially, this is a mashup between XMR (ring sigs)
| and XLM (consensus protocol)? Why not use zk-proofs?
| josh2600 wrote:
| If you can find a way to do ZK-proofs that work in the
| time constraints that we have (1-3 seconds end to end
| transaction completion and finality), then we'll switch
| to them. Right now this is the only way we could get the
| performance we wanted.
| eMGm4D0zgUAVXc7 wrote:
| I don't understand the "key image" cryptography, but I
| can't fathom how any cryptography, no matter how smart it
| is, could prevent the user from:
|
| 1) Creating a backup of their wallet on disk.
|
| 2) Sending their coins somewhere, but not broadcasting
| the transaction to the network, instead storing it in a
| file.
|
| 3) Restoring from the backup
|
| 4) Sending the coins to a different address = double
| spending them.
|
| 5) Broadcasting the transactions in a very close timespan
| to conduct the double-spend.
|
| The _network_ needs to prevent this by storing, in an
| non-forge-able fashion such as PoW, which transaction
| happened first.
|
| How does your system guarantee that?
| lrvick wrote:
| Signal is still centrally controlled and compiled by a single
| entity and distributed only in an unsigned insecure form or in a
| signed/verified manner only if you give up your privacy to
| install with Google Play or the Apple store.
|
| Those that only run open source software like myself have no
| secure way to run Signal short of compiling every release by hand
| which is impractical. Moxie has stated he will not support anyone
| but his team compiling or distributing Signal binaries so third
| party signed builds via privacy focused app stores like F-Droid
| are out. All builds must also use Signal centralized servers even
| though that centralizes TCP/IP metadata, etc.
|
| Not to mention you need to show government ID to get a SIM to use
| the Signal wallet for said private currency/messenger in 200
| countries.
|
| Secondly having a decentralized currency whose servers can only
| run on Intel machines with Intel SGX is a very centralized supply
| chain as well.
|
| A single supply chain attack on Intel microcode or related SGX
| updates could run malicious code and game over for the currency
| globally? A government that sees MobileCoin as a threat could
| make Intel do this.
|
| With a SPOF on the supply chain of the only client people are
| expected to use and another SPOF on the only hardware enclave
| people are supposed to use for servers... decentralized is
| technically true but not used in the same way as most other
| projects that use that word.
|
| I will keep an eye on this experiment though, because there are
| some unique ideas here which could have value should your trust
| anchors expand beyond Intel and Signal.
| hiq wrote:
| > distributed only in an unsigned insecure form or in a
| signed/verified manner only if you give up your privacy to
| install with Google Play or the Apple store.
|
| > Those that only run open source software like myself have no
| secure way to run Signal short of compiling every release by
| hand which is impractical.
|
| Nope: https://signal.org/android/apk/
| stonesweep wrote:
| You may be missing the subtle point - the APK provided is the
| same one from Google Play, which includes the Google SDK
| encumbered libraries (links? hooks? features?). If you run a
| libre device without the Google Play store (non-Google
| android build) then the software cannot function. The code
| for the client is open source, but the act of compiling it
| against the required Play store libraries encumbers the final
| binary. F-Droid requires that all code compile without the
| Google SDKs in order to be hosted (IIRC).
| Mediterraneo10 wrote:
| You are being a bit too subtle for many people. I think
| most reading your post above are going to understand it as
| claiming that the Signal APK downloadable from Signal's
| website requires Google Play Services or the Play store in
| order to run. That is not the case, as any LineageOS user
| can tell you.
| hiq wrote:
| > If you run a libre device without the Google Play store
| (non-Google android build) then the software cannot
| function
|
| I think you mean either of two things:
|
| 1. running the APK they build on a device without Google
| Service does not work
|
| 2. running the APK they build on a device means it's no
| longer running only libre software
|
| 1. is not true, so I assume you mean 2. I guess that's
| true, but in practice I think that the compiled dependency
| doesn't do anything if you don't have the services on your
| phone (don't quote me on that). It's not free software, but
| it's still better than the competition.
| stonesweep wrote:
| I think it sort of floats in 2 territory and sort of
| resembles the LGPL based kernel modules which require a
| binary firmware blob to run (kind of, not exactly). In
| order to create the APK, the code must compile against
| the SDK and encumber it by binding to an API, however if
| I understand this correctly in Android terms it means a
| stub of non-free code is now inside your APK, instead of
| say an external firmware blob. (I am not an Android coder
| to know the subtle details here)
|
| (I'm aware that the code will try and use Google
| services, then if it fails it falls back to websocket(?)
| - so the actual Services don't have to be present, but
| the compiled APK contains the non-free hooks to use it if
| present? I tried to use the word encumbered to reflect
| that)
| AfouToPatisa wrote:
| Even if an SGX attack does take place, tx's aren't recognized
| as the system is secured with Cryptonote's ring signatures (1st
| reply in FAQ
| https://github.com/mobilecoinfoundation/mobilecoin)
|
| here too about 11mins in -
| https://www.youtube.com/watch?v=e9afDQ_M5CU
| codethief wrote:
| The problem is: Signal already relies on SGX for lots of
| other features (Signal PINs & Secure Value Recovery, contact
| discovery etc. etc.) and these depend on SGX working as
| advertized.
| 2OEH8eoCRo0 wrote:
| >compiling every release by hand
|
| Clicking build in Android Studio?
| ac29 wrote:
| > Not to mention you need to show government ID to get a SIM to
| use the Signal wallet for said private currency/messenger in
| 200 countries.
|
| There are less than 200 countries in total, unless you get very
| creative with states that are arent recognized more more than a
| handful of other countries, like Abkhazia or Transnistria.
|
| You also dont need ID to buy SIM cards in the US, so I'm
| curious on how valid this assertion is.
| Mediterraneo10 wrote:
| The OP is broadly right. You now need to show ID to buy a SIM
| in many EU countries and beyond (e.g. Chile, Russia or
| Senegal). A copy of the ID is given to the state in order to
| link your identity to the SIM card. Even if you bought a
| prepaid SIM before this policy or law came in, the mobile
| provider may pressure you into paying online or by card
| instead of cash, so that your identity can be linked to the
| SIM through your payment.
|
| I do wonder how long the US (or, for example, Finland) will
| remain a holdout in this regard.
| adamsvystun wrote:
| I think you can argue that payment privacy is not as paramount as
| message privacy and can be implemented with regular financial
| mechanisms. Or at least such option should be given if you are
| using your own cryptocurrency.
| LockAndLol wrote:
| I thought Session(1), a signal fork, was ridiculous for adding a
| crypto currency, but now Signal is doing it too?
|
| I don't want this stuff in my messenger. It's supposed to send
| messages, not money. This is just going to accelerate my
| departure from Signal - or at least the official client.
|
| 1: https://getsession.org/
| airza wrote:
| The technology is cool, but I don't really know if I want KYC
| regulatory risk in my encrypted messaging client. I just want
| italics.
| lrvick wrote:
| Then why use Signal at all? You had to have KYC to get a phone
| number in most countries which you had to give to Signal which
| could expose your location etc via tower pings to anyone you
| communicate with unless you port it to a VoIP number (how many
| know how to do that?)
|
| You also had to provide a phone number to get a Google or Apple
| account to install Signal because anonymous signed install
| methods are not supported, which moxie says is intentional to
| collect analytics.
|
| Signal may have end to end encryption but being anonymous is a
| clear non goal.
| josh2600 wrote:
| I don't think Signal has any plans to scan your driver's
| license. What they've built is a non-custodial wallet (IE, they
| can't help you if you lose your keys, and they have no ability
| to authorize or deny a payment on your behalf).
| airza wrote:
| In my opinion a lot of the spicy regulatory issues around
| coins with private transactions are still not fully realized
| because none of them have mainstream adoption. The problem
| here is that Signal's goal to succeed as a mainstream
| encrypted messaging client could have the unpleasant side
| effect of bringing this technology under regulatory scrutiny.
| Hopefully things won't come to that, of course...
| troquerre wrote:
| You don't need to KYC as it's just a mobile wallet -- same with
| all the other crypto wallets out there. I'd be surprised if
| Signal integrated features in the future that require KYC.
| frosted-flakes wrote:
| KYC = Know Your Customer/Client.
| m4lvin wrote:
| It seems this was posted five days too late.
| WaitWaitWha wrote:
| I think Signal should not marry a single crypto-currency, or
| intermediary.
|
| Add the feature, but come up with a solution that is currency
| agnostic.
| hiq wrote:
| The arguments against federation would also apply to this
| solution. Given that they don't like federation, it's logical
| that they also reject this approach for their payment solution.
___________________________________________________________________
(page generated 2021-04-06 23:00 UTC)