How Not to build an Orwellian reputation system

Essay by [Juan S. Galt](http://twitter.com/juansgalt)

‘Rebooting the web of trust,’ a workshop taking place in San Francisco this November 3rd and 4th, is bringing together some impressive pioneers and could lead to world-changing developments in the realm of online reputation systems and in the use of the blockchain.

An ‘advanced reading list’ of academic submissions regarding the philosophical and technical challenges of reputation takes the front stage of this workshop. Alongside it is the first of multiple workshops intended to generate solutions that “will have the greatest impact on the future”. Some of the thought leaders on this list are Ryan Shea, Drummond Reed, Peter Todd, Jon Callas and Phil Zimmermann, to name a few.

While the list of participants is private, and the workshops are invite-only, the event has been the topic of discussion in Slack groups and social media, where the few who dare tackle this very important topic lurk.

The workshop is led by [Christopher Allen](https://twitter.com/ChristopherA), Internet Cryptography Pioneer and Blockchain developer. It is also being promoted by [Matthew Schutte](https://twitter.com/matthewjosef), entrepreneur and speaker, who among other things gave a very short and insightful overview of the crucial importance of privacy innovation, as well as the nature and value of reputation, during a conference at Voice and Exit.

https://www.youtube.com/embed/RFVlzmomBPU

Reputation is such an essential part of human interaction that it is easy to take for granted. It can simply be looked at as a way of knowing ahead of time the character and capabilities of another person with whom we might want to trade or interact in some way.

Being able to reasonably predict someone’s behavior and know what possible areas of conflict we will face can save us social beings a great deal of time and hardship. These are otherwise hidden in the darkness of a pseudonym on Localbitcoins, or some brand name of a company we’ve never heard of.

The core assumption of a reputation system is that past behavior is a great predictor of future behavior. This principle has served human beings fairly well for thousands of years, and has great potential for good, but as Orwell warned in his epic novel 1984, the potential downfalls of top-down, enforced standards of behavior could end in a “boot stamping on a human face—forever.”

So, in the hopes of dodging the massive and bloody bullet of building the infrastructure of a techno-totalitarian state, let us discuss how NOT to build an Orwellian reputation system - as I see it.

Bob, the Silk Road merchant

For the sake of illustrating this amusing and complex subject, let’s follow the life of Bob, our hypothetical Marijuana dealer in the darknet, who has decided to make his living under a reputation standard called #weedisdope.

Bob believes that there’s nothing morally wrong with buying, selling or ingesting this “innocuous” plant, and he is so passionate about the topic, as well as intrigued by the profits, that he has decided to become a pseudonymous Marijuana dealer in Silk Road 5.0.

Step one: Make it decentralized

Like many before him, Bob has learnt that, given the hostile environment that is the darknet, he must base his decision on who he trades with on the most secure of systems and platforms. His enemies are, after all, no cute kittens but vicious wolves hungry to put their claws on every Bit of coin he makes.

So, given that he lives in the year 2022, he must choose a developed and mature reputation system to rely on. And as we all know, there are not many records of human behavior as secure as the blockchain.

This invention we are so familiar with is effectively a memory bank that cannot and should not be made controllable by one entity. The integrity and quality of the information it holds needs to be highly secure, as it is the foundation of his business and the business of millions of others by the time he comes to choose his career path.

If this record were to fall into the wrong hands, it could spell disaster to the tune of, say, selling big bags of Ganja to a ‘buyer’ who counterfeited his reputation score, and can now easily execute a double spend with Bob. He stands misled and vulnerable, thanks to a weak and compromised reputation database.

So tl;dr: use a very secure blockchain.

Step two: Don’t assume you are right about what ‘good’ or ‘bad’ is

Many people, Bob included, have very specific beliefs about what behavior is morally neutral, admirable or straight-out evil. And often enough, people’s beliefs about what is good or bad are in conflict.

If the engineers of RepCoin, the reputation system that is most popular in 2022, had decided that #weedisNOTdope, and had built the platform such that the world could only judge others based on this very specific and one-sided standard of behavior, then Bob would be without access to the incredible resource that RepCoin provides.

After all, we are the pioneers of our time: engineers and first adopters of something as powerful as programmable money and a memory bank that cannot be forgotten or destroyed. The edifices that we build today will be occupied by humanity for decades to come. What claim or right do we have to try and enforce our beliefs about morality on them, even if through technological designs?

While some decisions at the engineering and security level will have to be made, I believe it is essential that those with the ability to build this kind of technology have great humility about the effect their design choices can have on humanity.

And I cannot think of a better solution to this problem of reputation standards than to allow users to arbitrarily - as if they were adding a hashtag to a tweet - create their own reputation markers, and go on to sign their transaction with Bob with a marker both buyer and seller believe in, a simple #weedisdope.

The ideal reputation system, I believe, should simply inform parties about what others value and despise, and how many times they have walked the talk. In other words, how many times Bob made transactions signed through p2p asymmetric cryptography with a celebration of #weedisdope or whatever the parties involved believe to be fair behavior, proven by their trade.

Last but not least, Bob will likely not be everyone’s merchant of choice. There will be people who would rather have nothing to do with #weedisdope, and so it should be up to them to control what identities and values are within their ecosystem, similar to how family filters work in search engines today.

We would not dare ask Google to forget all the porn or overshared cat pictures it knows so well; hiding them from us until we ask is good enough.

Step Three: make it pseudonymous and opt in

Let’s face it. Using personal, or even biometric, data as the ‘security’ foundation of an international, online, non-retractable reputation system is a terrible idea. Being hacked once could be a life-changing disaster and our personal security is [far too compromised already](http://cointelegraph.com/news/114371/five-eyes-spy-agencies-planned-to-hack-samsung-and-googles-mobile-support).

Today, if you ask any random person if they believe they have any privacy online, they are very likely to give you back a flat ‘NOPE’. Corporations the likes of Facebook, Google, and every other advertising-fueled platform or financial service of the legacy banking system have been criticized for ages for selling, reselling and buying people’s personal information on data exchanges, which Google is king of. That alone should serve to advise against using personal information to determine proof that you are the owner of a digital asset.

Kevin Mitnick, famous hacker, Infosec expert and speaker, demonstrated during DEFCON 2014 how to get hold of someone’s Social Security Number in less than five minutes, using minimal information about the victim.

[To quote Forbes](http://www.forbes.com/sites/ehrlichfu/2014/08/15/renowned-security-expert-kevin-mitnick-can-steal-your-identity-in-3-minutes/):

“To find a social security number, Mitnick first navigated to the website of a leading provider of billions of public records and typed in the volunteer’s name. Approximately 50 results came up with different ages and locations. He quickly narrowed the search down by age and a few simple questions such as ‘Which state do you live in?’ The legal site sells access to its database. The volunteer’s entry cost 50 cents, and on purchase, prominently displayed the social security number in bold red font. The number was confirmed as correct while several attendees photographed the screen.”

Add to that the [massive hack of the USA’s OPM department](http://cointelegraph.com/news/115129/kyc-compliance-could-get-you-hacked), which compromised over 21 million Americans’ deeply personal information, including biometric data. Most of them worked for the Government at some point, and/or were still part of agencies like the NSA. This information is now somewhere floating in cyberspace.

Bob, of course, would never run or base his reputation as a sticky-icky merchant by associating his business identity with his legal name and data. If those two were ever correlated he’d quickly be on a one-way trip to a “big and crowded cage, somewhere in the abyss of humanity’s medieval habits” - as he would put it.

The same goes for Bob’s customers.

If people want to add such information to their profile, or any other information they think is relevant for that matter, even mix identities at some point, then why not? Yeah sure, that’s a good freedom and option to have. But now at least it is a clear, balanced and conscious choice, not some design requirement.

Step Four: Privacy

Now, the idea of a reputation system that is both pseudonymous and private might sound paradoxical or even contradictory, but let us not forget Satoshi Nakamoto himself was very anonymous, at least for most of his involvement with Bitcoin, and arguably still is. He is also of course, very reputable.

So reputation and anonymity can coexist very well. The question is, who should have access to the information that you do allow to be ‘public’?

Bob only wants potential customers for his Funny Smoke to be able to find him, and does not want to leave a trail for the wolves to follow.

So how can this be achieved? Well, perhaps I am way out of my field of expertise, but it seems plausible to me that some kind of web of trust system could be concocted where only people with a #weedisdope reputation score of - say - 20 out of 100 would be able to see Bob as a merchant. This would filter out the noobs and the wolves in sheep’s clothing.

Perhaps only customers who have traded with some of Bob’s friends could learn of his business.
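The hashtag-style markers from step two and the visibility rule sketched here can be modeled in a few lines. This is an added example, not part of the original essay: the scoring rule (distinct counterparties, capped at 100), the pseudonyms and the ledger are all assumptions, and each record is assumed to have had both parties' signatures verified already.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Attestation:
    """A trade both pseudonyms co-signed under a shared marker.
    Assumption: both signatures were verified before the record got here."""
    buyer: str
    seller: str
    tag: str

def tag_scores(attestations, tag, cap=100):
    """Score = distinct counterparties under `tag`, capped at `cap` (assumed scale).
    Counting distinct peers, not raw trades, keeps two colluding pseudonyms
    from inflating each other by trading back and forth."""
    peers = defaultdict(set)
    for a in attestations:
        if a.tag == tag and a.buyer != a.seller:
            peers[a.buyer].add(a.seller)
            peers[a.seller].add(a.buyer)
    return {who: min(len(p), cap) for who, p in peers.items()}

def traded_with_friend(viewer, attestations, tag, friends):
    """True if the viewer has a co-signed trade under `tag` with any friend."""
    return any(
        a.tag == tag and ((a.buyer == viewer and a.seller in friends)
                          or (a.seller == viewer and a.buyer in friends))
        for a in attestations)

def can_see(viewer, attestations, tag, friends, min_score=20):
    """Listing is visible if the viewer's score meets the threshold,
    or the viewer has already traded with one of the merchant's friends."""
    if tag_scores(attestations, tag).get(viewer, 0) >= min_score:
        return True
    return traded_with_friend(viewer, attestations, tag, friends)

# Constructed sample ledger (all pseudonyms are made up for this example).
TAG = "#weedisdope"
LEDGER = (
    [Attestation("alice", f"seller{i}", TAG) for i in range(20)]  # 20 distinct peers
    + [Attestation("carol", "dave", TAG)]                         # one trade with Bob's friend
    + [Attestation("wolf", "sockpuppet", TAG)] * 50               # 50 trades, one peer
    + [Attestation("eve", f"seller{i}", "#weedisNOTdope") for i in range(30)]
)
BOB_FRIENDS = {"dave"}

if __name__ == "__main__":
    for viewer in ("alice", "carol", "wolf", "eve"):
        print(viewer, can_see(viewer, LEDGER, TAG, BOB_FRIENDS))
```

Counting distinct peers only raises the cost of faking a score; a threshold like this still depends on how expensive it is to create and build up new pseudonyms.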

Of course, once a customer reaches Bob’s profile, there’s no solution I can imagine for someone taking a photo of their computer screen with their dumb phone and uploading it to Facebook, but at least there would be a barrier to entry, and those who find the secret club may have a higher interest in protecting its secrecy.

There’s a real value in the niche, complex and unique way in which humans organize themselves around specific value systems, and not knowing who is capable of what within these social structures is a kind of camouflage that has some use.

Ideally, I think it would be great to make sure only the people who have some user-defined alignment with our values, and have proven it sufficiently, are able to find us on the vast and eternal web.

Step Five: People can change

Andreas Antonopoulos has warned about the dangers of blockchain-based reputation systems, particularly their incapacity to forget information. Human beings are often enough more forgiving and compassionate than the cold mathematics of a cryptographic signature.

As such, people, especially when it relates to a negative reputation marker (which is a whole topic on its own), should have some way to change their score through hard work and plenty of walking the talk. People rarely change, it seems, but that does not mean we should get rid of their opportunity to do so. It is in fact this opportunity to change that can give us certainty about their intentions when they, in fact, do not.