The comment from the article echos my own sentiments:
> Speaking solely as a person who is really into encrypted messaging, it terrifies me that they're going to take this really clean story of an encrypted messenger and mix it up with the nightmare of laws and regulations and vulnerability that is cryptocurrency.
Moreover, there are three other points I'd add:
1. I don't like "do everything" apps like WeChat or Line. One of Signals strengths was UX that focused on it's core competency. Early in Signal's development they would add privacy features. Lately they have been adding social features. This, however, feels especially out of left field and likely to hurt the UX.
2. This smells like dev resources will be spent building and maintaining something not related to messaging.
3. I've always had a "don't let perfect be the enemy of good" rationalization that gives Signal autonomy to grow a privacy centric messaging app despite the deficits (e.g lack of federation). In contrast, I personally associate "crypto" with "scam". There have been so many shady ICOs and pump-dump schemes around crypto. This will taint the product for those of us who don't think of crypto currency as being anything more than pump-and-dump schemes and a way to buy dab rigs online.
> Early in Signal's development they would add privacy features. Lately they have been adding social features.
This is intentional and relates to Signal's growth in the past few years. It's not "a hacker tool for nerds" it's "a friendly, easy to use chat app with stickers & voice messages (also strong encryption)."
IRC does one thing and does it well, and barely anyone uses it. The "clean technical vision" story isn't enough on its own.
I love IRC but saying the IRC protocol does anything well (or is even a documented and agreed-upon protocol) is a bit of a stretch.
Otherwise, agree with the thrust of your statement. I believe getting Signal into the hands of more users is an overall net good and if stickers are the answer then get to making some stickers.
Haha yeah I never did learn all about modes and had to google commands or go to the mod channel and ask for help not infrequently, but irc does get held up as an example of “a simple and perfectly decent tool” and my point is that being simple and perfectly OK is not enough, it needs to also be user friendly and accessible to the lay person.
> a friendly, easy to use chat app with stickers & voice messages (also strong encryption).
Except it's not, strong encryption and privacy emphasis goes against easy to use. I recently got my family to switch to Telegram (because I like the interface) - my sister works in an environment where she has to have a separate work phone without a camera and everything synced up out of the box, history, etc. Brother lost his phone - same thing, has chat histories and everything is back to normal. I use Telegram on desktop and mobile and it synces instantly.
Compare that to Signal, you don't even sync between active devices and you can forget about having old conversations on a new device. And just to give you a scope of how important messaging history to people is (I've seen people say nobody cares about IM history) - designer from work is lugging around her Android phone year after switching to iPhone just for WhatsApp history (it doesn't sync between OS-es).
I don't disagree that Telegram storing everything on their servers is very convenient, but:
> you don't even sync between active devices
I use Signal on a phone and a laptop, switching between the two frequently throughout the day and see the same conversations on both. (Edit: I realised you probably meant multiple phones, yes I see that's not yet supported.)
>and you can forget about having old conversations on a new device.
There's been a manual, secure transfer process between Android devices for years. More recently they've added an easy OTA transfer process for Android->Android, or iOS->iOS.
> I use Signal on a phone and a laptop, switching between the two frequently throughout the day and see the same conversations on both.
I've had multiple issues with this before I gave up on Signal, it wouldn't show history when I initially paired up even when importing forever, then randomly stopped being connected and required me to pair again (losing everything on PC again)
> There's been a manual, secure transfer process between Android devices for years
Doesn't help much when you lose your phone.
I guess what I'm trying to say for most people the value of having your chat messages hosted in the cloud > security.
Same experience here. I'm absolutely flabbergasted that the Signal devs decided to implement something like stickers (which, btw, are a pale imitation of what Telegram offers in terms of ease of use and discovery) before they implemented full message sync between devices.
I have a smartphone that I control. I have a desktop computer that I control. I use an application on both computers that lets me send secure messages between device. The application somehow can sync new messages but refuses to let me import old ones. How insane is that? But apparently integrating with cryptocurrencies was above that in the todolist.
Signal is clearly a great protocol, but man is it seriously in need of a great implementation...
>But Marlinspike and Goldbard counter that Signal's new features won't give it any control of MobileCoin or turn it into a MobileCoin exchange, which might lead to more regulatory scrutiny. Instead, it will merely add support for spending and receiving it.
Oh, that's going to be a recipe for a great user experience again. You can send MobileCoin super easily... after you've gone on some crypto exchange platform to trade a highly speculative asset into one of your wallets. It's basically like Venmo indeed.
I'm not surprised at all. 3 out of 4 big message apps (Line, WhatsApp and Wechat) don't support full message sync, it's clearly not a showstopper for mass adoption. 99% of the people don't need it and it's hard to implement correctly. Not importing old messages could be a security feature.
Stickers on the other hand are something that does attract many casual users and has no security implications.
Payment features... I think it's a bad idea for many different reasons but it might attract many users if it's not too complex.
I don't see how these relate. Signal isn't explicitly aimed at high security targets, although it works for them (seeing the Snowden endorsement). Signal is about bringing encryption to the masses. Making E2EE the default choice for everyone. Is is much more about mass surveillance. Your sister has a different threat model, one where they are also concerned about the physical device being compromised (i.e. stolen, hacked, or being physically accessed).
These are different threat models. For E2EE for the masses you need things like stickers and for it to be "fun" in addition to being a tool. In your sister's threat model she's more concerned about the tool over the fun part. It is a work phone after all (I mean this is why they take out the camera).
E2EE for the masses is pointless if you can't appeal to the masses. Cypher nerds will always have their fun toys to communicate with but we are also in dire need for something that prevents mass surveillance. That is, after all, one of the fundamental necessities of a democracy: being able to speak your mind without fear of government spying/involvement (this is the reason they got funding from Radio Free America in the past). Unfortunately this means some compromises need to be made. But as far as I'm concerned Signal has done far better than any service I've seen and the relative leak is near zero. The weak points are SGX and pins, which only hide some minor metadata (even fully leaked this would be better than WA or Telegram).
I'm just giving real world scenarios where people might have two phones, plenty of people have them for different reasons, it's useful to sync between them - I should have worded that differently.
Oh, I understand now. Though I would argue in your sister's case she would explicitly not want to sync. But other people might. I'm actually highly in favor of Signal allowing multiple devices and their platform to be expanded (it'd be nice for IOT bots). Or even allowing for decentralization while maintaining the core official node.
Yeah, the history sync issue is a huge problem, signal doesn't even support Android BackupAgent based client side encrypted backups or device to device transfers at all which should not be difficult to add, see: https://community.signalusers.org/t/support-native-android-b...
Signal should in theory also be able to just sync/backup everything to the desktop client, this would largely solve the inability to transfer between Android and iOS issue.
I don't understand why such basic quality of life improvements have yet to be implemented, especially since they are especially desirable for less technical users.
They're orthogonal to good security. Missing data is always better than encrypted data. I wish it had a global keep messages for X time feature like iNessage instead of tge per yser configurable dissappearing messages.
Implementing these sort of backup options should not result in a meaningful reduction in security as they don't effectively change the security model, encrypted client side backups are equivalent to the existing signal specific encrypted backups on android, device to device transfers are the equivalent of coping the existing signal specific encrypted backups to a new phone and restoring them. The desktop client receives copies of signal messages normally as well so it effectively keeps backups already(they just often end up incomplete and can't be restored properly).
You’re totally correct that there are trade offs. Coming from a background of using IRC, google chat & Facebook chat with and without e2e encryption and deleting accounts etc I’m used to not always having forever message history and I can see how not having that would be a nonstarter for some users.
Yes there are sacrifices and trade offs for the security signal offers and it’s not 100% as convenient as Facebook messenger in that regard, but it’s also not 100% as cumbersome and impractical as GPG email. It strikes what I consider a decent balance of being secure and private and usable enough for non-technical users. Yes the message history story is lacking, I lost my messages moving iPhone to iPhone because I did it wrong and yeah it made me sad for a moment but I’m philosophical about it I guess. Dust to dust and all that.
I recently switched WhatsApp from Android to iOS and I was flabbergasted there was no official mechanism to retain message history. As annoying as it is, it goes to show most people don't actually value it highly.
Facebook would have no trouble funding a basic iCloud-GDrive bridge if there was enough demand for it.
The lack of portability of WhatsApp between the two mobile OS platforms is infuriating.
Of the three (WhatsApp, Telegram, Signal) I find WhatsApp to be the worst from a UX pov and Telegram the best.
Personally, I find this exodus of users from WhatsApp to be a good thing even for no other reason than having to deal less with their UX.
Signal is not much better UX wise, but at least it gives hope of being better because they have to compete and because they are open source. If they fail to bad at growing the project or providing the infrastructure, someone will eventually fork and setup a separate network. WhatsApp has no pressure. It is in Facebooks interest to eventually migrate everyone to FB Messenger.
Does it make sense to destroy one feature for the illusion of having both?
Elements.io and telegram (to a much lesser extent) are safes. You place something there and it is locked. Signal, whatsapp, et al promise to be safes, but as soon as you place something, a hidden camera scan all the documents and print copies in a hidden printer at your home safe.
Would you trust that safe? would you still even call them safes? Yet some product manager/marketer convinced you that these are essential features for a "easy of use safe".
And what on earth does cryptocurrency have to do with mass appeal then?
The whole "not available in the US" messaging around MobileCoin, no doubt to avoid regulatory attention, gives this particular ponzi scheme a very nice ring.
That and a handful of early WhatsApp employees now work at Signal. WhatsApp, back in the day when they were just 30+ people, accomplished amazing feats of product and engineering given the scale and growth. I sense Signal has the ambition to outright compete with WhatsApp on most if not all fronts.
I, for one, welcome this; the larger market is asking for a privacy-focused WhatsApp alternative, and Signal could be it.
Amen to all your points. I find this really disappointing. The "yeah, but they are a non-profit so you can be assured they are good custodians of the product" no longer goes for me.
Crypto integration was one of the things that arguably killed Keybase for a lot of users, and damaged trust. Given that trust is the selling point for these type of services, I really hope Signal don't lose it.
Yeah, it was a disaster for Keybase IMO. My messaging tools are already valuable enough to me, the last thing I wanted was a reward on hacking it. When keybase did their Stellar drop, I didn't activate it and it was just a nagging option in the UI forever.
I don't like using SMS for 2FA because it encourages people to social engineer the phone company to port the victim's phone numbers. I wouldn't want crypto in my messaging app for a similar reason.
Right now hacking a user's Signal account means you get some txt messages. Big deal. With payments there is now real reason to try to hack Signal accounts because some percentage of them will contain money.
The counter argument would be seeing the success of WeChat in China and wanting to reproduce that success AND expecting that if they don't do it someone else will do it and take their market.
Whether that's true or not I don't know but if I believed it was true then your arguments wouldn't matter since I'd believe not doing it is an existential risk.
If that is their thinking, then they are quite naive. Comparing WeChat's success in tackling payments with a crypto-based attempt is laughable. WeChat is using real money, and it has explicit official endorsement by the state - an extremely powerful state at that in terms of internal control.
In contrast, any crypto-currency based solution will be inherently distrusted, and few if any states will endorse it. It is more likely to be actively discouraged by many states, and the crypto support may well end up as a pretext to ban Signal on economic rather than censorship grounds.
> the transfer of cryptocurrency is the same as the transfer of generic messages
Technically, yes. Legally and sociopolitically, no.
And if you intentionally muddle the data streams, that brings the full force of anti-money laundering, tax evasion and terrorist financing law against you. It gives almost any government a free pass to do what it wants.
Freedom to speak privately is, in most democracies, popularly recognised as a right. Freedom to pay using dark money is not. Attaching the second to the first weakens both.
> FinCEN distinguishes custodial exchanges with noncustodial wallets. It looks like signal is doing the latter.
We agree. There is a legal difference between a custodial exchange and noncustodial wallet. Just as there is a difference between a non-money messaging system and a noncustodial wallet. The comment you are responding to concerned itself with the latter.
I'll tell you one way it's not, is as soon as someone commits a crime who happens to use Signal and the media gets ahold of this. It'll be a circus with terms like "dark webv and wha not thrown arohnd. GPs point #3 is kind of important for their reputation and if we want to onboard more people into crypto messaging.
Transferring cryptocurrency between different people (with the exception of spouses) is an asset disposal that is subject to capital gains tax in the UK. It doesn't matter what, if anything, you get in return.
I don't know how will it play out for Signal in countries which have banned or are planning to ban crypto as a currency. RBI had issued policy to banks to stop providing banking services to people/organizations holding/trading in crypto. Though the blanket ban was invalidated by the supreme court after two years, but using it as currency is against Indian Law and the government is working on a new law to further restrict it (read legalizing RBI policy to a great extent as I understood) .
In such cases, Signal could easily be banned in such countries outright.
The "scam" is using payment systems that allow their owners, controllers, or just hackers to spy on every single transaction on earth, accessing all your past present and future economical activity on demand. Not even the worst dictatorships of centuries past ever dreamt of such awareness and control.
The promotion of pseudonymous and anonymous digital payment systems such as cryptocurrencies is vital to a healthy and functioning society.
I can't really see how a craptocurrency attached to a messenger provides any sort of pseudonymity. If I can send money to you, I can later identify you in a ledger, which simply means I need to find some reason to converse with you and it's game over. If the ledger isn't public, you're back under corporate or Government control.
Signal does not require KYC, so there is no direct link there. As far as public ledgers are concerned, pseudonymous activity offers reasonable privacy controls as long as you know what you are doing.
There are also entirely anonymous cryptocurrencies with no readable public ledgers. Everything is still decentralised, no centralised control of any kind, but you can't see what people are doing (Monero and Zcash being good examples. Signal uses Mobilecoin, which still needs to stand the test of time).
There is still a long road to go before there is a fool proof anonymous, liquid, consumer friendly, usable cryptocurrency, but it is the last bastion of defense against complete total state and corporate surveillance. - One of the greatest threats to human life, on par with climate change.
Your use of the word "craptocurrency" is rather childish and naive. Eventually you will take a closer look at the situation and reconsider. Good luck
What about using Wickr as an alternative to Signal.
What all these "tech" companies tend to do is to exploit a captured audience. They are generally not focused on doing one thing well (producing a product or providing a service), they are more focused on building a following and then doing with those users whatever they like. One of the most blatent examples of this line of thinking is Microsoft's acquisitions. They acquire companies in order to get access to users. The "technology" is secondary. Another example is WeWork. They started introducing WeEverything. The product or service being offered is what is important. It could be anything. Instead the focus is on building an audience and exploiting that captured audience. One can apply this analysis to almost any "tech" company. "Growth" is the number one focus. No one really cares about what it is the company purports to be selling.
## Linux
### Linux Requirements
- CMake 3.1 or higher
- Clang
- OpenSSL => 1.0.2 (Optional)
### Linux CMake Configuration
The linux build can be configured using the standard CMake flow with a few options
```
mkdir build
cd build
cmake -DBUILD_OPENSSL=true \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_INSTALL_PREFIX=USER_INSTALL_LOCATION ../
I can accept a definition of scam that includes fiat. Though it definitely doesn't track the same way with cryptocurrency.
I associate nootropics with scams but I definitely don't think all nootropics are scams. If someone said, here buy this pill that will make you smarter I'd be incredulous.
My point was cryptocurrency has a deserved bad reputation (for the reasons I mentioned).
I love the lofty ideals but the reality is the altcoin world especially is a minefield of scams. That reputation will hurt a messaging app that has done a pretty good job of building good will.
There are 250 million units of mobilecoin, and majority of them are owned by the founders. Only 37.5 million have been distributed. With current price ($65), they're worth $14B already. This makes the project a scam and impossible for it to work as a reliable money that holds value. Bitcoin had no pre-mine and has been fairly distributed from the start.
The founding organization owns 85% of the total market cap of a coin? That should be raising red flags for everyone involved.
There is no valid reason for the vast majority of what is supposedly a currency to be owned by the company that created it. Imagine if PayPal launched but required everyone to transact in fractional shares of PayPal to get anything done. Oh and by the way, those shares are majority owned by the founders, but they’ll sell you some so you can send them to your friends.
Of course, it's totally centralized. The 'cryptocurrency' marketing just exists as a regulatory dodge.
So far this scheme has worked out fine for the original creators of Ripple-- who've extracted hundreds of million selling their massive premine to an ignorant public, then abandoned the original and did it again. What we're seeing from signal now is just a third generation of the same scheme, preempting the ripple founders from doing it again (or maybe they're involved behind the scenes, who knows?).
So long as there seems to be no consequence except a massive windfall (SEC fines against ICO/premines have tended to be a fraction of 1% of the funds raised), it's unsurprising to see them continue.
The fact that it may kill one of the more useful secure messaging apps as a side effect? Welp. This is why we can't have nice things: Collectively, we're better at funding borderline scams than public goods.
At least it's better than Bitcoin, since in this case it's well known who the whales are.
If one wishes to subject their wealth to the whims of a massively centralized cartel of "rationally self interested" HOLDers, maybe it's better to deal with the devil(s) one knows.
Most people don't want private electronic payments. In stable countries like the UK - where this is being launched - it's basically only useful for buying drugs and tax evasion.
One can argue than most people don't care about private messaging as well... I find it a bit scary that my bank has all my purchasing data : they basically know everything about me that way, what if they decide to sell this data ?
That's definitely not the direction taken by society... Pandemic, convenience, online businessew ( yeah, I know we could physically mail cash for online purchases but, come on... )
I can't remember the last time I could use paper cash. Beyond your daily groceries, everything is usually exclusively paid for digitally.
Surveillance on daily spends is not valuable. What's valuable is things connected to your identity, specifically associations with other individuals and companies.
This is the way government wants you to think. They want to know literally every dollar (unit_of_monetary_exchange) that you use and don't care one iota about your privacy. They don't want you to value privacy at all.
The vast majority of people simply don't care about this. I mean I have a hard enough of a time to get people to care about privacy-centered messaging apps. Getting them to even begin to comprehend the myriad of cryptocurrencies and the confusing space of DeFi is simply not going to catch on. To them, there's really no benefit outside of "number go up" and so-called store of values, which conveniently have the nasty side effect of requiring users to do their own OpSec. That's actually harder than you think.
And that's not even accounting for how scam-ridden the entire space is to begin with. Who can they even begin to trust? Seems like an oxymoron for a trustless system, when the fact is they aren't even sure if they can trust themselves.
I find it mildly hilarious too, that places like BNY Mellon and JP Morgan are exploring cryptocurrency storage options. Now we are back to "trusting" those darn evil banks everyone gets triggered about.
Can you spell out why is that fundamentally bad? I'm asking in good faith not to be oppositional, apologies if its a stupid question.
But if you were buying shares in a company it would not matter if most the shares were held by the company (as long as there is enough liquidity to sell your shares in future).
Why is it different with the currency? I get that its making the founders rich so perhaps they have greedy intentions, but why does this inherently undermine the validity of the currency?
A cryptocurrency is generally more easily spendable in an open market. The sell potential that a founder has with 75% of the supply is massive.
If I created a coin today and sold 1% of the supply to you alone, on what basis would you want to store any value in that currency? Given constant buy demand, The currency's market value is defined by what I do. This is why organic price discovery for a currency is important.
> If Signal was serious about this they would have launched their own fork instead of pitching a pre-mined coin to their users.
Agreed. They either would have launched their own fork and distributed the vast majority to their users, or at the very least chosen an existing project that was fairly well distributed.
This makes me believe they primarily did this in return for an incentive from Mobilecoin.
In my view there are worse ways to make money from a chat app. Like selling all your users data. Ir worse yet just selling out to FB. At least a crypto scheme can maybe be the cash cow that helps them keep true to the privacy aspect....
Someone should always take the time to point out to such threads that WhatsApp was running very profitable based on that model without eveb trying.
Also feel free to read anything by the Basecamp guys (yep, the guys behind Rails).
It won't get you or the investors (another) yacht, but there exist a number of companies that delight their customers and change history far more than many attempted unicorns.
Until something goes awry in that crypto scheme and some intelligence agency decides to use that as leverage to undermine the security of Signal. Moxie, on his own, may be resistant to pressure, but when there's a secondary company involved that might be pressured by threats of losing several million dollars...
This commingling of business interests means there's more angles of approach, and much more risk exposure.
Yes, I've read that. I find it a stretch to draw that conclusion though, as if it's some back door deal for funding.
For all the criticisms of cryptocurrency (and I have many...), I don't particularly see anything on MobileCoin's work that indicates the usual shady cryptocurrency stuff. I'm not sure it belongs in Signal, but I do think this stuff can be evaluated without people starting conspiracy theories.
It's not a conspiracy when it's all out in the open. Calling things you don't like a conspiracy theory to discredit them is a poor form of argument.
A bunch of decently well of people decided to do a few handshake deals to make each other a whole bunch of money. That's how most of the world rolls so this is simply par for course.
If the owners of MobileCoin own 85% of existing coins which at current rates is valued at $14 billion, you actually expect they're not in this to liquidate their coin for that $14 billion if they can snooker people into using it?
>It's not a conspiracy when it's all out in the open. Calling things you don't like a conspiracy theory to discredit them is a poor form of argument.
This statement would work better if that's what I was doing, but I'm not.
You (and nobody else) on this thread knows for sure what's going on there, and if Moxie's been advising MobileCoin for years I don't see how it falls under a handshake deal.
There is nothing to indicate that he, or Signal, are directly profiting from this, other than some MobileCoin people saying they want to donate to Signal (which is a good thing - I'm really not bothered by that particular point).
> I love Signal and I started MobileCoin to help fund their work.
I don't see how it's a conspiracy theory that this is a backdoor way of funding Signal when the CEO literally says that MobileCoin was created as a way to fund Signal.
I don't see how it's a quid pro quo for someone like Moxie, with his background, to advise a project for years and then work with them to integrate it given the alignment with regards to privacy initiatives.
I find it conspiracy-theory in nature to assume otherwise; I think it could've been handled better from a server source code side but I don't really see why this has to be an assumed bad faith thing.
It's quid pro quo to include an obscure scam coin out of the blue into an entirely unrelated product, with a public promise from the scam club owners to donate their money to your business. The fact the the owner of signal had already been associated with MobileCoin for a long time makes it worse, not better.
Signal including a cryptocoin came completely out of the blue (well, apparently there were rumors, but that doesn't mean it was an expected change). MobileCoin is also deeply suspicious in its mining model, and is not some well known coin.
And what is the downside to them if this isn't entirely true? On one hand you have tens of millions of dollars and potentially a lot more, on the other you have a few angry nerds.
because the US has a long reach in the financial world even into Switzerland (these days). The IRS is on a war path against crypto currently and I think they believe 50% of it is something they can be taxing or is fraudulent. The US government doesn't like things that are hard to track.
What value do you provide? at least when I buy vbucks from Epic I know I'm getting fortnite skins with it.
Why should we run a node free of charge when you extract all the profits of our efforts?
When I see statements like "there's no economic incentive."
I read "I want all the profits, and screw everyone else".
If you genuinely wanted a decentralized network, then you would provide fair compensation for the added value the node provides against attacks on the network.
Agreed. I was half expecting this was going to be using Monero, one of the more popular privacy-oriented cryptocurrencies I know of that's already being used.
E.g. the only cryptos I've seen people accepting on dark web markets are Bitcoin and Monero.
There is no mining which is the big issue. The big issue with their plan is that they hold 85% of the outstanding coins, which at current rates makes them billionaires. No doubt they will liquidate it in chunks to move it from digital potential to cold hard cash.
PoS and MobileCoin validator nodes use about the same amount of electricity.
I'm not a fan of PoS because it looks like a ponzie scheme (unless it's done like eth where initial distribution is done via mining)
This is actually worse than PoS, because PoS uses standard public key cryptographic to validate ownership of coin in the chain to stake, it at least in theory can achieve "trustless" validation.
This on the other hand is just a shitty attempt to outsource database maintenance to untrusted 3rd parties, using SGX, while forcing them to pay for S3 hosting because they can't implement a DHT to do proper decentralized file transfers.
All calculations of this sort are fatally flawed because they assume all the coins in one address are owned by one person. That would be like calculating the US Gini coefficient assuming that all bank accounts are owned by the CEO of the bank.
Sure but that doesn't offset the first problem, it's just an additional problem. In fact I believe it could move the fake Gini coefficient in either direction depending on how each person splits their money.
that's like saying that the internet isn't decentralized because lots of people interact using facebook. that address isn't decentralized, much like facebook isn't. that doesn't mean that bitcoin or the internet aren't decentralized.
"Decentralized" means little without more context. The issuance of bitcoins isn't a legal monopoly. In this sense Bitcoin is "decentralized". On the other hand the Bitcoin blockchain is a centralized ledger, which is distributed, but nonetheless centralized. So which one is it? Centralized or decentralized? It doesn't matter because at this stage "decentralized" is being used as a mere buzzword rather than to convey a precise meaning.
Who shares a bitcoin wallet or operates one like a bank? If anything the opposite is more likely, several bitcoin wallets belong to single individuals, probably in particular for some of the high net worth ones in an attempt to obfuscate ownership, which if anything, understates how concentrated it is.
A system which is 12 years old, of which many people have not heard about, don't understand, or may not even care to understand. In some countries its illegal to use. Most countries have unfriendly tax treatment (capital gains on your coffee purchase). Can't be paid in it. Can't yet pay your federal taxes in it. Uncertain if the government will one day ban it.
Yes. It's the same tax treatment that applies to gold bullion or barrels of oil - volatile commodities that are at least partly speculative investments rather than stable mediums of exchange.
Country-specific, but often you don't have to account for them up to a certain limit, and/or you can treat anything you buy in a foreign national currency as having been bought at what you originally paid for that currency.
No “pre-mine” doesn't mean fairly distributed. Bitcoin is a multi-level marketing pyramid scheme as well. Early adopters mine or buy large proportions at negligible prices while late adopters mine or buy negligible proportions at large prices.
By this definition, every company stock is a multi-level marketing pyramid scheme.
In fact, company stock is WAY worse, because the majority of people are legally prohibited from investing in private companies unless they're an accredited investor (already rich). So, only rich people (other than founders and early employees) are allowed to buy in at super low prices before handing off the bag to the public.
This is incorrect. Stock represents actual ownership of a scarce resource (a company). That company would have value whether or not it was explicitly sold as a stock. The value doesn’t come from the stock.
Cryptocurrency removes the underlying asset and simply sells shares of artificial scarcity. It’s only as valuable as what people decide to trade it at, because it doesn’t represent ownership of anything other than itself.
Stock represents actual ownership of a scarce resource (a company).
Is there a limit to how many shares a company can issue? No, a board can technically issue shares unto infinity. There is no guarantee of scarcity, no guarantee they will not raise more money.
That company would have value whether or not it was explicitly sold as a stock. The value doesn’t come from the stock.
So when a company has no profit but a high valuation, is this the market correctly discounting future predicted cashflows and giving a company fair value, or is it some sort of scam? Ex: Is NKLA actually a $5.2b electric vehicle company? How about the spade of Chinese IPOs that ended up being vaporware?
Cryptocurrency removes the underlying asset and simply sells shares of artificial scarcity.
The scarcity isn't artificial. It's mathematically provable, open source and auditable. If you think you can manufacture "fake" btc on the blockchain, feel free to try. If you think you can successfully fork and create a whole new chain, you're also welcome to try.
It’s only as valuable as what people decide to trade it at, because it doesn’t represent ownership of anything other than itself.
This is actually factual for anything in existence. A piece of bread. A $100m painting. You're starting to figure out what peculiar creatures humans are.
> Is there a limit to how many shares a company can issue? No, a board can technically issue shares unto infinity. There is no guarantee of scarcity, no guarantee they will not raise more money.
The scarce asset is the company, not the shares. Yes, they can issue more shares, but those shares still represent the same company plus the new investment money raised by raising the shares. They're not creating more company out of thin air when they issue more shares.
EDIT: To clarify some misconceptions in the comments below: When a company sells more shares into the market they are not simply diluting away existing shareholders. The keyword is that they are selling shares, meaning they take money in exchange for shares. The company's value increases by the amount of money they take in exchange for the sale.
Example: If a company is worth $1,000,000 and has 1,000,000 shares outstanding, each share is worth $1. If the company decides to sell another 100,000 shares and the market buys them at $1/each, there are now 1,100,000 shares outstanding and the company is now worth $1,100,000 because they took in $100,000 of cash via share sales. Existing shareholders have not lost any money or value.
> but those shares still represent the same company plus the new investment money raised by raising the shares.
No. Your shares were _diluted_ by the company issuing new shares. Now your 100 shares are worth half as much. Shares have predicted forward value embedded in their valuation. When you buy a share, you're betting that company will continue to grow. If it's having to raise money and issue new stock, odds are it's struggling with cash on hand. Maybe the bet will work out for you. Maybe not. Stocks are gambling, though, don't let yourself believe otherwise.
> Companies can't simply dilute away their shareholders like you're suggesting. The money raised by selling shares doesn't simply disappear.
Yes, they can and yes they do, all the time. That's not only precisely how VC funding works in the early stages of a startup raising seed money and subsequently doing Series A, B, etc. that's also how public financing works via new share offerings on a public marketplace like NYSE or NASDAQ.
The cash they receive has no forward value. $1 will be worth $1 in 10 years. When you buy shares, you are betting on future value. When a company trades new shares for cash, it is trading some portion of its future value for cash today.
Not only that, but the cash on hand can disappear rather quickly (after all, they are raising it to spend it) depending on the company's expenditures, cost of new customer acquisition and whether its growth strategy is working or not.
Also, shareholders are the last to be compensated in the event of a bankruptcy or liquidation. Bondholders take preference.
If a company raises $1mm on a $9mm pre-money valuation, the company is now worth $10mm ($9mm valuation + $1mm raised) and the extra shares correspond to the $1mm raised.
Onwership is diluted on a percentage basis, but the Series B and C investors didn't steal value from previous investors through dilution. There are more shares because there is more money in the company.
> If a company raises $1mm on a $9mm pre-money valuation, the company is now worth $10mm ($9mm valuation + $1mm raised) and the extra shares correspond to the $1mm raised.
No, the company is worth it's last share price x number of shares outstanding. A company is worth what the market will pay for it, not for what some bean counter guesses is the value.
Yes, they didn't "steal" value, they traded cash for present and future potential value.
That cash doesn't just get parked in a bank account (it gets spent) and the company valuation isn't static, it changes based on market perception all the time.
You are thinking in snapshot accounting terms and not in real market valuation terms. Dilution typically causes price per share to fall unless growth is outpacing the dilution significantly.
I own 10% of a company. Several rounds later, I now own 2% of the company. It is possible the company is now valued higher or lower than what I got in at.
> Companies can't simply dilute away their shareholders like you're suggesting.
They absolutely can. When you buy shares, or exercise options, in an early stage company the documents clearly specify that the shares can be diluted, which is how it's on solid legal footing.
OP was responding about stocks being just as much "multi level marketing" because you still need someone to sell the shares to, someone willing to pay more for it than you did. So it is actually irrelevant to scarcity or "intrinsic value".
It doesn't matter if it represents the company because the thing that shareholders care about is how much $ each share represents. This is why a stock will tank when a company talks about diluting their existing shares by creating new shares out of thin air. What you're talking about would be more akin to a stock split.
When a company sells more shares, they money they raise from selling those shares contributes to the value of the company.
If a company sells 100,000 shares at a dollar each, the company is now worth $100,000 more because they now have another $100,000 on their balance sheet. No value is lost in this process.
> This is why a stock will tank when a company talks about diluting their existing shares by creating new shares out of thin air.
Companies can't just declare that more shares exist and dilute away shareholders like you said. They either issue them as stock based compensation, which is an expense, or they sell the shares to buyers, which means money goes toward their bottom line.
Value is lost to existing shareholders who have the value of their shares diluted. Everything you're saying may seem logical, but economics is often illogical and any 1:1 $:stock sales still tank the share price.
> Value is lost to existing shareholders who have the value of their shares diluted.
You're confusing percentage dilution with absolute diluation.
The shares represent the value of the company. The value of the company has increased by the amount of money raised. Each share represents a lower percentage of the company, but this is offset by the fact that the value of the company has increased by the amount of money raised. The shares have not been diluted on an absolute value scale.
Owning 10% of a company worth $1mm is the same value as owning 5% of a company worth $2mm.
If you own 10% of a $1mm company that raises another $1mm by selling more shares, you now own 5% of a 2mm company. Your percentage ownership is diluted, but your value has not been stolen.
This is basic pre- and post-investment math. Shareholders are diluted on a percentage basis, but not on an absolute basis.
I don't really care about how much of the balance sheet I could lay claim to during a liquidation. That's going to be pennies on the dollar, or nothing.
I care how much of future profits will be returned to be, which does depends on the percentage I end up owning. A round needs to enable a bigger gain than the fraction it dilutes everyone.
That would very much depend on what you're buying stock in. Holding companies and investment companies are mostly valued to what your "share" of their holdings is worth. Real estate too.
You continue to make a 1:1 assumption. Dilution can cause the stock to go down because of FUD of financial health. It can go up because of strong leadership and optimistic futures. It's not occurring in a vacuum where $1 is 1 share and +$1 to company worth.
But raising money might also cause the stock to go up, right? More investment signals confidence and planned growth. More people may want to buy in.
Issuing new shares is not always a good move and sometimes it might cause investors to lose money and percentage ownership, but sometimes it might be a good move and result in investors gaining money (though still getting their ownership diluted).
Yes but a company doing something that causes the market to value shares less isn’t dilution. The fact that you know how the market will respond to companies raising capital by issuing new shares doesn’t change the legality of it.
> EDIT: To clarify some misconceptions in the comments below: When a company sells more shares into the market they are not simply diluting away existing shareholders.
The scarcity is technically real, but practically pointless.
Every Bitcoin represents 100,000,000 tradable assets. If there are 30,000,000 Bitcoin in circulation that means there are 100,000,000x30,000,000 individual assets available to hold and trade. Do the math, and then realize that we’ll arrive at the heat death of the universe before Bitcoin is ever actually scarce.
Scarcity is about the rate of supply meeting demand. In most commodities, as demand increases, suppliers will move to increase supply to meet that demand. Even with gold (of which the earth has some unknown finite supply), the rate of which it is mined and extracted will increase as market price increases.
Bitcoin has a fixed supply, Bitcoin's daily rate of creation cannot be increased or decreased unless everyone agrees to it.
> This is incorrect. Stock represents actual ownership of a scarce resource (a company). That company would have value whether or not it was explicitly sold as a stock. The value doesn’t come from the stock.
Depending on the voting rights embedded in the share, your ownership is likely meaningless. It doesn't guarantee you rights to dividends necessarily and even if it does, the company can just choose to never issue a dividend (like Amazon). It doesn't necessarily grant you voting rights for the Board of Directors either. Worse, you have to go through a 3rd party broker to buy a share or trust a company like Robinhood to hold your shares for you. As we saw with GameStop, they can rug pull on you at any time. With decentralized cryptos like BTC & ETH, that can't happen from your own private wallet. You can always transact.
Cryptos such as BTC & ETH are provably scarce, not artificially scarce. You can validate supply at any time by running your own node and joining the network. You don't need anyone's permission to do that. It's a public blockchain.
>As we saw with GameStop, they can rug pull on you at any time. With decentralized cryptos like BTC & ETH, that can't happen from your own private wallet. You can always transact.
ETH is probably not the best example here because they have rug-pulled people with a hard fork.
At the time of that fork, the Ethereum website literally said "the code is the contract". Then, when someone found a perfectly legitimate use of that code that the creators failed to anticipate, they forcibly altered the contract. There are criminals here, but they're not the ones you think.
The issue with this narrative is that the "they" isn't the creators, it's the network. The Ethereum core devs can do whatever they want, but if nodes don't migrate across the hard fork then nothing happens.
The code is the contract, enforced by a decentralized network of actors. Of course that network can at any point change the contract if the majority of them agree to do so – how else would it work? The key is that there is no way for individual actors to modify contracts at will – you need consensus. It's the difference between oligarchy and democracy.
Just like how the US financial system only freezes the assets of Bad Guys, right? As for GME? We had to rugpull them because they were manipulating the market[1].
[1] Yes I know that wasn't the real reason why trading was halted
The point is that in your initial comment, you were saying that with decentralized cryptocurrencies you'll be free from third party interference, but with ETH the DAO hacker was subject to the very interference you claimed crypto wasn't subject to. Therefore it weakens your claim from something like "with crypto, nobody can stop you!", to "with crypto, nobody can stop you! ...except if you do something we don't like in which case we'll hardfork", which is pretty similar to how centralized systems work today.
A hard fork in a decentralized cryptocurrency is democratic, users chose which of the 2 new chains assets' they want to keep. No binary winner is decided, the market currently values ETH as 122 times more valuable than ETC, but ETC is not censored.
The sentencing of criminals in republics is very removed from democratic action (see drug criminalization).
> public votes to decide the amount of money I have.
Unfortunately, there is no alternative. The value of what you have is decided by what people are willing to pay for it in markets. If people decide that they value the forked ETH that doesn't provide the money to the people who stole from the DAO more than the version where those people have all of the money, then it is going to be more valuable. You don't escape this problem with fiat either.
Basic market mechanisms like this are pretty much inescapable.
As I said, there is no escaping market mechanisms, as value is market contextual. Certainly, there are assets with more or less stable value, but that is still due to the whims of what people (ie. the "public") are willing to pay.
Yes, the point here is not about the total valuation of each asset, which affects every holder equally, but about how individuals can influence, or not, the relative distribution of said asset.
If I'm, say, from a persecuted cultural group, I'll want to keep my wealth in an asset that has the same value whether I or someone else own it. Precious metals fit this bill better than both fiat and public-ledger cryptocurrencies.
> By this definition, every company stock is a multi-level marketing pyramid scheme.
No because the company's income doesn't come from selling more stock, but from selling valuable products. (Companies that don't have actual revenue are indeed multi-level marketing pyramid schemes and there are some of them around, but they're the exception rather than the rule).
The gold and oil rushes weren't "fair" either. Fortune favors the bold, I guess. I was salty for a long time about bitcoin early buyers being filthy rich now. My saltiness clouded my vision of the real value there. Granted, I think there are better solutions than bitcoin now, but I respect it.
By that definition, any stock or collectible is a "multi-level marketing pyramid scheme". A multi-level marketing or pyramid scheme is not defined as anything where early adopters might have purchased it at a lower price than later adopters.
Which is interesting. Unlike virtually every stock on the stock market, I see Bitcoin-stans constantly harp about the "USD price" of Bitcoin on places like Twitter, Youtube, any social media with a large enough megaphone, just so they can stir up loads of FOMO and get people to make a financial decision that is likely not led with wisdom and prudence in mind. Especially with how high BTC is priced at now, you'd be lucky to have massive multipliers on your initial buy in as you might have in the earlier days. The diminishing point of returns is rearing its ugly head, so more pumping must happen to keep this all in the public zeitgeist.
That kinda smells pump and dump like to me. Lest we forget, the end of the previous bull runs in 2013 and 2017 wiped out some people that made bad investment decisions (and there's no guarantee another black swan event won't happen again in the future). Not to mention, whenever there is news of someone losing their wallet keys, Bitcoiners breathe a sigh of relief, knowing that that's one more person that has to permanently HODL. Gross.
Yes agreed. Though I would add that this is a paradigm shifting technology, so there may be something substantive underlying all of this Bitcoin hype.
As for crypto as a whole, Ethereum has real world use cases, like stablecoins and NFTs, and an extensive multi-pronged development effort to expand its capabilities, in particular scalability, that cannot be dismissed as mere hype.
Just on the basis of fee revenue alone, and the assumption that this turns into income for ETH holders once the platform switches to Proof-of-Stake, Ethereum's current valuation can be justified with only the assumption that its price-earnings multiple will match that of relatively mature and low-growth industries like electronics.
Personally, I'm still incredibly skeptical about Ethereum and its ilk, but certainly a far less energy wasteful PoS methodology in the next version (when it finally goes full throttle) I suppose would be a good start.
Adding to this, unlike Satoshi Nakamoto, which I believe to be the alias for a team and not a single person, Vitalik Buterin at least is not shrouded in mystery and is out in the open. I'll give credit where credit's due. He's pretty upfront about his pet projects.
I don't share your enthusiasm for stablecoins and especially NFTs, though that's an entirely different can of worms.
For now, I'm happy to see where this all goes as I watch from the sidelines and not capitulate to FOMO. Yet so far, I can't help but feel that the market effects surrounding the ETH network is nothing but grifts and rich-on-paper showboating. Plus, my God those gas fees...
the integration with signal made the valuation of mobilecoint jump from around zero to 65$. I hope the signal team got some mobilecoins in return for the favor.
my initial thought was: why didn't they choose monero (another coin that is privacy-focused but sort of more established). However monero is already much higher than that mark, in its valuation.
Fyi, while the whitepaper marcinzm links to may not be the design you implemented, it is the first result (for me, at least, in the UK) when googling "MobileCoin Whitepaper", while the Mechanics of MobileCoin repo doesn't appear at all.
Just in terms of avoiding confusion, you might want to reach out to mixin.one to try to replace that document with one that clarifies that the design outlined there was not used? Or publicise the actual design a bit better? (I couldn't find a link to this repo on the MobileCoin website, which is why I searched for the whitepaper elsewhere in the first place).
It's in the whitepaper. There are 250 million coins in total, and 37.5 million were sold in the ICO. I couldn't find any information on further distribution or monetary policy, so I assume the founders still hold them.
That moves the goalposts from "did satoshi premine?" a question with a well-defined criteria, to something more vague like "is bitcoin fairly distributed?", which opens a can of worms regarding what "fair" means.
The Wired article that the CEO of Mobilecoin is implicitly endorsing in this thread specifically categorizes Mobilecoin as a cryptocurrency. At least, it doesn’t seem to be a distinction worth splitting hairs about (yet).
That's not what pre-mine means. As for "fairly", that's debatable because it's unclear what "fair" means. Should everyone on earth get the same amount? That would be the most "fair". How would the logistics of that work, for a cryptocurrency? What about all the people born after 2009?
Long-time Signal user here, with a number of technical and non-technical friends, colleagues and acquaintances who also use it. I don't know who was asking for this. And I think it really dilutes Signal's message.
I believe that everyone has a fundamental right to secure, private communication. Some people may hold the same belief for the right to transfer funds. I don't agree and I suspect many others feel the same. That tension alone makes this look like a bad decision to me.
This kind of anti-feature is not what I signed up for. I just wanted a secure messenger normal users could understand! It seems like a simple enough problem that Signal solved well (apart from the phone number requirement).
Sadly, now it feels like Signal was just a long game trojan for Marlinspike to onboard users to a cryptocurrency pyramid scheme. This has nothing to do with its core functionality and it makes me question the developers' motives.
I've wasted my influence with my non-technical friends convincing them to adopt Signal, and I don't forsee convincing them to switch yet again to something different.
The state of secure messaging is really bleak. I wish Matrix had an IM-style client that was decent enough for non-technical users to adopt.
> I've wasted my influence with my non-technical friends convincing them to adopt Signal, and I don't forsee convincing them to switch yet again to something different.
This has bitten me before. Now I'm thinking that every recommendation and suggestion to adopt must come with a "for now this is the best way to do it, but it will probably change again". And somehow try to prepare the non-technical people for that.
> Now I'm thinking that every recommendation and suggestion to adopt must come with a "for now this is the best way to do it, but it will probably change again"
Hah, this almost feels like a matter of faith. It would be interesting to see though where Matrix would end up if it manages to becomes as popular as Whatsapp or even Signal.
> The state of secure messaging is really bleak. I wish Matrix had an IM-style client that was decent enough for non-technical users to adopt.
See Element [1] which uses Matrix [2]. It feels like IM, and is super simple to onboard new users. I'm not involved with it, but I'm a huge fan of the Matrix ecosystem.
If you want group chats to be mixed in with 1-1 chats, try SchildiChat [3], a fork of Element.
Even with a fast home server Element is quite slow. Slow enough that even I, trying to get my circle to use it, feel some reluctance to open the app. Hopefully the upcoming Hydrogen client can solve this.
I love FluffyChat. Been using it for a month now and it's significantly faster than Element/SchildiChat on Android.
It has the basic chat features I would expect from a Matrix application. Only feature I don't think it has crosssigning at the moment. (In which you're signing your friends master-key, which they use to sign their new devices, so you don't have to have a cryptoparty anytime a friend adds a new device)
I occasionally use Element on my Android device, waiting for it to get to the point where I can seriously recommend it as an alternative to silos like Signal or Telegram. It's sadly not at that point.
Fundamentally, Element "feels" more like an IRC client than a typical IM client like Signal. It isn't focused on direct, one-off, or small group communications (this isn't a technical thing and it has nothing to do with federation, it's simply the UX paradigm that Element has adopted).
The SchildiChat fork looks promising, although it's clearly too early to recommend it. It's not even available on the Google Play store, which makes it unsuitable for non-technical users.
> This kind of anti-feature is not what I signed up for.
At the risk of sounding like a Signal simp: don’t use this feature if you’d don’t like it? I have no idea whether this is a good or bad idea, I figure the proof of the pudding is in the tasting and I haven’t had a chance to try the signal payments feature, but I’m willing to extend the benefit of the doubt here at least as far as “I’ll withhold judgement til I can try it for myself.”
I really don’t get the ire on this. I think it’s good that whisper systems is forward looking and trying to be innovative and dynamic and go where users are rather than just sit around waiting to become irrelevant. Not all experiments or risks will pay off but that doesn’t mean risks and bets are bad.
It's the fact that many much needed improvements to their core offering are not being taken care of and instead they've gone and done this, which nobody asked for and puts the operation at risk. Not to mention that they integrated a premine scam coin over a proven leader like Monero. Sadly it seems the Signal team has sold out. Really hope their payout for this move was worth it.
How do I prove that I didn't use it? And why on earth would I want a messaging app to put a target like that on my back if I'm not even using the feature? With this feature, the likelihood of someone demanding access to the app grows from almost zero to pretty significant.
How does the ability to transfer "points" from one number to another, remove from the messaging features?
Is it really that hard to imagine unobtrusive UI that makes this as optional as sending GIFs, stickers or location data? Or did the later features already kill Signal for you?
Signal's UX still needs work and a lot of features just don't work very well (e.g. the desktop sync). That's fine in and of itself - the team is small and they're funded by donations - but if they're spending time on payments, that raises concerns for me about the priorities of the project and how the funding is being spent.
I don't know what who was asking for this either, especially when what I consider to be core features are still missing.
Signal for iOS still doesn't support message backup like the Android version.
And Telegram introduced a feature to import old Whatsapp chats into new Telegram conversations, a form of "backup". This was great when I was migrating away from Whatsapp, and made the decision between Signal and Telegram easy for casual conversations where encryption wasn't a priority.
> I believe that everyone has a fundamental right to secure, private communication. Some people may hold the same belief for the right to transfer funds. I don't agree and I suspect many others feel the same.
What are the arguments?
Don't you think that as data becomes more and more valuable, "freedom of transaction" is a natural evolution of "freedom of communication"?
In an environment where only "legally valueless" data circulates freely, the few entities that are actually able to monetize this data become gigantic monopolies (Google, FB, ...), while most individual parties are either forced to play by their rules (Youtube, Patreon, ...) or filtered out by startup costs.
My view is that the public in general has a right to universal services that can realistically only be delivered through taxation. That right needs to be balanced against the right to transaction privacy. It's one thing to say that friends should be able to send money to each other privately; it's another to think about bank settlements and international flows of large sums of money not being visible or auditable.
The whole issue is a real minefield and I don't have a firm stance. And obviously the fiat money system has gaps and flaws there too. I'm sure much of the HN audience would disagree with me here from a libertarian point of view. But I think it's safe to say that the issue of transaction privacy & freedom is not as straightforward as that of speech (which itself is really not that simple).
This is rather terrible news. On the other hand; there's no technical reason someone (like, say the EFF) couldn't fork the client and server - and establish a new signal network - maybe drop the need for phone number registration as well?
> Probably because all conversations (1-to-1 and group chats) are E2EE.
They are in WhatsApp, too. At least Facebook still claims that after the Snowden leaks :) And: Did you verify this? Did you check the source code at signal's android/ios client repo? Did you also verify that no untrusted third party receives your backed up private keys?
I'm not trying to troll here. I'm trying to point out that babbling about crypto is easy. Verifying it, and actually caring about it is another thing. Most users are probably also the wrong audience for early adoption of TOX.
How is using Google for domain fronting for the purpose of censorship circumvention "trusting Google"? They don't get to see the message content (just like Facebook doesn't see the content for WhatsApp).
> Did you also verify that no untrusted third party receives your backed up private keys?
Private keys are not backed up in either service, as far as I know.
> Did you check the source code at signal's android/ios client repo?
Given the lack of reproducible builds on iOS/the app store, any source code audit is pointless if the app vendor is included in your threat model.
Communication platforms like Signal live or die by network effects. If payment is incorporated as a first class citizen into other platforms, Signal would need it as well to maintain its network - just like it would need the capability to transfer photos or other non-textual items.
Signal is still centrally controlled and compiled by a single entity and distributed only in an unsigned insecure form or in a signed/verified manner only if you give up your privacy to install with Google Play or the Apple store.
Those that only run open source software like myself have no secure way to run Signal short of compiling every release by hand which is impractical. Moxie has stated he will not support anyone but his team compiling or distributing Signal binaries so third party signed builds via privacy focused app stores like F-Droid are out. All builds must also use Signal centralized servers even though that centralizes TCP/IP metadata, etc.
Not to mention you need to show government ID to get a SIM to use the Signal wallet for said private currency/messenger in 200 countries.
Secondly having a decentralized currency whose servers can only run on Intel machines with Intel SGX is a very centralized supply chain as well.
A single supply chain attack on Intel microcode or related SGX updates could run malicious code and game over for the currency globally? A government that sees MobileCoin as a threat could make Intel do this.
With a SPOF on the supply chain of the only client people are expected to use and another SPOF on the only hardware enclave people are supposed to use for servers... decentralized is technically true but not used in the same way as most other projects that use that word.
I will keep an eye on this experiment though, because there are some unique ideas here which could have value should your trust anchors expand beyond Intel and Signal.
> distributed only in an unsigned insecure form or in a signed/verified manner only if you give up your privacy to install with Google Play or the Apple store.
> Those that only run open source software like myself have no secure way to run Signal short of compiling every release by hand which is impractical.
You may be missing the subtle point - the APK provided is the same one from Google Play, which includes the Google SDK encumbered libraries (links? hooks? features?). If you run a libre device without the Google Play store (non-Google android build) then the software cannot function. The code for the client is open source, but the act of compiling it against the required Play store libraries encumbers the final binary. F-Droid requires that all code compile without the Google SDKs in order to be hosted (IIRC).
You are being a bit too subtle for many people. I think most reading your post above are going to understand it as claiming that the Signal APK downloadable from Signal's website requires Google Play Services or the Play store in order to run. That is not the case, as any LineageOS user can tell you.
> If you run a libre device without the Google Play store (non-Google android build) then the software cannot function
I think you mean either of two things:
1. running the APK they build on a device without Google Service does not work
2. running the APK they build on a device means it's no longer running only libre software
1. is not true, so I assume you mean 2. I guess that's true, but in practice I think that the compiled dependency doesn't do anything if you don't have the services on your phone (don't quote me on that). It's not free software, but it's still better than the competition.
I think it sort of floats in 2 territory and sort of resembles the LGPL based kernel modules which require a binary firmware blob to run (kind of, not exactly). In order to create the APK, the code must compile against the SDK and encumber it by binding to an API, however if I understand this correctly in Android terms it means a stub of non-free code is now inside your APK, instead of say an external firmware blob. (I am not an Android coder to know the subtle details here)
(I'm aware that the code will try and use Google services, then if it fails it falls back to websocket(?) - so the actual Services don't have to be present, but the compiled APK contains the non-free hooks to use it if present? I tried to use the word encumbered to reflect that)
Others seem to interpret this as your saying that downloading the APK results in non-free code being present on your system, but
> If you run a libre device without the Google Play store (non-Google android build) then the software cannot function.
is just not true. I don't have the Google Play Store (I'm on a non-Google Android build) and Signal functions just fine.
(Well, mostly fine - it has to maintain its own connection because of course it can't use Google's tooling for that, so it supposedly has more battery impact.)
I don't think that is true. The build that is distributed through the site has the Play Store "features" disables and has other things like an auto-update mechanic. When built for the website the build config `PLAY_STORE_DISABLED` set to true.
> Not to mention you need to show government ID to get a SIM to use the Signal wallet for said private currency/messenger in 200 countries.
There are less than 200 countries in total, unless you get very creative with states that are arent recognized more more than a handful of other countries, like Abkhazia or Transnistria.
You also dont need ID to buy SIM cards in the US, so I'm curious on how valid this assertion is.
The OP is broadly right. You now need to show ID to buy a SIM in many EU countries and beyond (e.g. Chile, Russia or Senegal). A copy of the ID is given to the state in order to link your identity to the SIM card. Even if you bought a prepaid SIM before this policy or law came in, when you top up the mobile provider may pressure you into paying online or by card instead of cash, so that your identity can be linked to the SIM through your payment.
I do wonder how long the US (or, for example, Finland) will remain a holdout in this regard.
To get counts, I also analyzed the table in the annex; it lists exactly 200 countries (checking each of them, that's because in addition to 193 UN members, it includes two non-member countries: Kosovo and Taiwan, and five other non-countries: French Guiana, Greenland, Hong Kong, Macao, Svalbard).
Of these, 34 are listed as "SIM registration not mandated" and further 7 are listed as "SIM registration under consideration", the rest are "SIM registration mandated", i.e. 159 countries.
Basically the whole world requires it except for North America/UK and a few smaller countries mostly in Europe. Also notable that countries without ID requirement mostly happen to be the ones with very low prepaid SIM penetration (see the map on page 6 [page 8 of the PDF]) so their unidentified SIM usage is presumably low anyway, though it remains a possibility in those countries.
Edit: Sorry, 6 are listed as "State of SIM registration inconclusive" which I have missed, so "SIM registration mandated" count should be 153.
In the past two countries I lived, it’s currently impossible for an individual to get a SIM card that can do voice or SMS without government ID and being a resident. Data-only SIMs can be bought for cash easily, but that doesn’t help you with Signal.
The same goes for virtual/VoIP numbers. No skypein etc.
Even in the US, the identity of most subscribers are known to the mobile operator.
It's a regulated market, so should the need arise to keep the identity of all subscribers in the future, it is likely not much more than a counter-terrorism-related law away.
Signal is actively working on other identifiers than a phone number, but can you cite proof that no phone will be required at all? I got the impression that Signal will still require a phone number at signup to do SMS verification, and only then give you a way to provide non-phone-number identifiers to contacts.
Eh, fair. I cannot cite proof, only note that every instance I've seen Signal promise this feature has been worded in a way that indicates no phone number would be required.
It is unfortunate that I don't see many from Signal on this forum, as it'd be nice if someone would just clarify this already considering the popularity of it as a feature request.
Not from Signal but the MobileCoin CEO posted this answer yesterday.
.....
>>The UK also has receiver verification. If I try to send to an account and it doesn't match the name I'm sending to, my bank will warn me. How do you stop impersonation?
A: Signal relies on phone numbers for identities. Other apps that integrate MobileCoin may have a higher threshold for identification.
.....
Reads to me like phone numbers are not going away.
> Those that only run open source software like myself have no secure way to run Signal short of compiling every release by hand which is impractical.
Particularly because the software is timebombed and stops working after a while (and also blocked on the server side if you bypass the client side timebomb).
The problem is: Signal already relies on SGX for lots of other features (Signal PINs & Secure Value Recovery, contact discovery etc. etc.) and these depend on SGX working as advertized.
For everything else: Yes, by setting a randomized long Signal PIN since SGX is effectively used to add entropy to Signal PINs[1]. You can also disable Signal PINs – in this case Signal will simply set a randomized long PIN for you.
Feature bloat is one of the worst things for a security conscious product. The more features, the more attack vectors. Nobody asked for payments in Signal. Where did this idea come from? It was never put forward prior to this, it was never on the road map. That only makes me even more suspicious of this decision, which leads to my second point...
MobileCoin has all the appearances of a scam. 85% of the coin is owned by the creators. The price rapidly shot up at the end of March. The social media of the developers was posting rubbish for a long period of time. There was no mention of this collaboration beforehand. This has all the hallmarks of a pump and dump. Have the Signal devs been duped? Or are they wanting to cash in on Signal's rising popularity?
Anybody at all with an interest in Signal needs to let the foundation know that this Beta needs to be scrapped, and that payments should never be added.
The UK already has faster payments in all major banks. I can send and receive money instantly from app or Web. Will yours be as fast as that?
The UK has a problem with authorised push payment fraud. Banks can recover funds which have been sent as a result of phishing / fraud. How can I reverse a payment on your platform if it was fraudulent?
The UK also has receiver verification. If I try to send to an account and it doesn't match the name I'm sending to, my bank will warn me. How do you stop impersonation?
There's no cost to sending payments on most mainstream banks. How much do you charge?
Most banks let the user block receiving payments from specific accounts. How do you stop harassers sending unwanted money?
This was my question too. I don’t really understand why the U.K. was chosen as the initial market. At least in the U.S. people are used to venmo and suchlike being services they might use. My guess is that either the cryptocurrency people are based in the U.K. or that whoever is in charge is viewing the country as something like America but easier to get started (anglophone but smaller market for testing or easier regulations or less competition) however I don’t think the U.K. is a good substitute for America in this case.
The one venmo-like thing people do use a lot in the U.K. is probably something like revolut for dealing with different currencies and international transfers (either for travel in Europe or for migrant workers sending earnings abroad for family or retirement). But a service that’s only available in the U.K. isn’t much use for that.
I also personally don’t really see the privacy use. I think I’m willing to give up a reasonably large amount of private information about the people on either side of a transaction if it is effective at reducing fraud and making transactions reversible.
America has AML and KYC and running an exchange that allows trades which dodge those requirements is a great path to men in black suits knocking on your door.
Not really. Someone steals money, sends them to you, your are having lots of trouble proving you are not an accomplice. If you are a government official, you can be framed as receiving a bribe.
In russia government can send your organisation money from abroad via an agent and then shut you down as a 'foreign agent'.
> In russia government can send your organisation money from abroad via an agent and then shut you down as a 'foreign agent'.
They could do this with traditional banking systems as well. Presumably the Russian government has a high degree of surveillance with regard to their domestic banks like every other nation in the world has. Creating a false financial trail is made slightly easier with crypto currencies, but for a nation state it's not hard to do with traditional banking systems.
Creating a false trail is far more difficult than asking some scoundrel send 100 euro while vacationing in Italy or Spain. Also, for a FSB operative it is an opportunity to go to spain to 'supervise' the operation, lol.
Think again. A criminal sends you a known amount of money, then you are seized and phone is searched, and you receive the exact amount of money a criminal had sent you.
Accepting unwanted money from someone can have serious consequences in many cases. In some cases it is illegal - for example, accepting certain types of political donations.
In cases where you've been sent unwanted money your obligation is typically to return it, but that specific type of use-case is often not considered when people design things. If you end up in a situation where anyone can send you money and you can't return it, you're in big trouble because the sender might be causing you to unintentionally get involved in a violation of the law and leave you without any method to undo it.
> Most banks let the user block receiving payments from specific accounts. How do you stop harassers sending unwanted money?
First time I read about that, how does this work in practice? A person regularly sends you small amounts such that all you see is their name whenever you log into your bank account?
Amongst other things it's a way to set up a narrative regarding some other fraudulent activity.
If you were regularly recieving money from someone, then it looks like you're in business with them - and you'd have a hard time pricing you're not if they then staged some other activities (i.e. shipping you stolen goods, which they then have stolen from your doorstep by an associate).
>>The UK already has faster payments in all major banks. I can send and receive money instantly from app or Web. Will yours be as fast as that?
A: MobileCoin is as fast (or faster in some cases) than a bank payment in the UK with greater privacy. As far as settling back to Fiat, if that's what you're asking about, the velocity of that depends on on-ramp and off-ramp integrations which will come over time (but it looks like there's no reason MobileCoin can't help developers deliver payments at the same speed as banks).
>>The UK has a problem with authorised push payment fraud. Banks can recover funds which have been sent as a result of phishing / fraud. How can I reverse a payment on your platform if it was fraudulent?
A: Payments on MobileCoin cannot be reversed at the protocol level. If you want escrow and reversibility, you should use a wallet or payment service that supports those primitives. We believe that developers will build such services on top of the foundation of the MobileCoin protocol.
>>The UK also has receiver verification. If I try to send to an account and it doesn't match the name I'm sending to, my bank will warn me. How do you stop impersonation?
A: Signal relies on phone numbers for identities. Other apps that integrate MobileCoin may have a higher threshold for identification.
>>There's no cost to sending payments on most mainstream banks. How much do you charge?
A: Fees are set by the foundation (which has a stated goal of keeping transaction fees to around $.04 when the network isn't congested). Currently fees are higher as they need to be adjusted by a foundation vote.
>>Most banks let the user block receiving payments from specific accounts. How do you stop harassers sending unwanted money?
A: Signal doesn't allow people you haven't keypaired with to send you funds. If you have accepted a message request from someone, they can send you money.
Heads up, it would be useful on HN if you were to disclose your affiliations / interests when posting, especially about something like a cryptocurrency you helped design.
It gives readers a better sense of your ability to answer the questions accurately, in addition to letting people make assessments based on the potential conflict of interest.
Also, responding here and inviting discussion on a technical level is possibly the best thing you can do for perception of Mob, because this is a forum where those questions are likely to get asked.
Edit: I see you've done that in another post on this thread. Since we don't have anything like flair it would also help people who don't read the whole thread.
Yes, this originally was a child comment to the thread where I identified myself as the MobileCoin CEO. Dang merged two threads and this got separated from the top-level comment.
Who is in the foundation and what does the governance look like? Is there a plan to expand governance to the community?
I know the next question is signal specific but do you have any details on how they'll maintain privacy for pegging which is likely just to require an on/off ramp. Surely this is just no better if the majority of transactions have an associated log on an exchange?
I haven't made up my mind regarding the payments feature yet but yeah, what's up with the server code? Why hasn't it been updated in over a year?[0]
Also, why do the Signal developers trust SGX so much and have stayed completely silent about SGX vulnerabilities – even when the cryptographers whose quotes they used to put on the signal.org home page[1] are increasingly critical?[2]
Finally, why is there no open communication about major events like the Signal PIN UI fuckup last year or the server issues earlier this year? Foundation or not, if no communication is happening and they're not demonstrating that they're capable of openly admitting mistakes and learning, they're not gaining the trust of anyone.
Don't get me wrong, I've been a die-hard fan of Signal since the early TextSecure days and have convinced > 100 people to switch but I'm starting to have a bad aftertaste and some of my friends (equally big Signal fans) are, too.
EDIT: Looks like the Signal server repo[3] was updated today, as this article[4] (in German) attests to. I had last checked the repo this past weekend. I suppose the repo hadn't been updated to keep the MobileCoin thing secret but I do wonder: Why not simply create a private branch instead of risking one's reputation for openness?
the usage of SGX here is to protect against a fairly benign adversary: Signal themselves. The alternative to using SGX in these situations is to hand over the data in the clear to Signal servers.
Given the Snowden leaks and everyone's experience with what Facebook etc. do with our data, I wouldn't call that a "benign" adversary at all. Besides, even if Signal itself is benign, someone who manages to hack the Signal infrastructure might not be.
> The alternative to using SGX in these situations is to hand over the data in the clear to Signal servers.
This is not correct. The alternative would be to tell users to choose a passphrase with enough entropy. In that case, SGX wouldn't be necessary. Unfortunately, they didn't do that, so now a lot of users have chosen a short PIN and their data will be compromised should SGX ever fail to live up to its promises. (This is what I meant by "Signal PIN UI fuckup" – the word "PIN" alone suggests choosing a short number over a long passphrase.)
Sorry, the use case I had in mind was contact discovery. Existing cryptographic protocols for private contact discovery do not scale to Signal’s numbers.
I regret finding out Signal uses recaptcha in its welcome screen, and sets the Google PREF cookie permanently in the App's Cache.
Traceable by Google every time you open the App... and using Google's Backup service to store the private keys unencrypted. Well, so much for E2EE.
This combined with what went on with LibreSignal and legal threats from moxie made me realize it's just a company selling privacy claims without proof.
(if you don't think this is true, use AppWarden or decompile the APK. Play Services, Firebase and Recaptcha are still integrated years after LibreSignal was forked.)
You're making very strong claims here. Signal regularly goes the extra mile to protect their users from 3rd-party tracking (by Giphy[0, 1] etc.) and, as they noted on GitHub at some point, they also consciously decided against UI/UX tracking and error reporting because they did not want to give off the impression that they themselves are surveilling their users. And now you're telling us that they deliberately included tracking by Google? That doesn't seem likely.
> Google PREF cookie
The PREF cookie is for Google's safe browsing feature. How on Earth would that find its way into Signal? (I doubt the link preview feature uses that, given how much effort they put into making sure they get it right[2].)
> Traceable by Google every time you open the App...
How so? AFAIK the Signal app doesn't connect to the Google servers directly (reCAPTCHA aside – I have yet to see it in Signal but even then it would be a one-time thing), so even if the cookie existed, it wouldn't get transferred anywhere. The Firebase Cloud Messaging library / Google Play Services on your phone do connect to Google but they carry unique identifiers, anyway (or otherwise push notifications would not work). If you don't want that, use a phone without all the Google stuff – Signal works fine without it (though it might need more battery).
> and using Google's Backup service to store the private keys unencrypted
Could you provide a source that's more accurate than "decompile the APK" or "read the source code"? AFAIR the app's database is encrypted at rest by a key in the phone's hardware key store precisely because the Signal developers did not want Google Backup to get access to the app's data. (Which is why they ended up rolling their own backup solution.)
> This combined with what went on with LibreSignal and legal threats from moxie made me realize it's just a company selling privacy claims without proof.
What legal threats? (I'm familiar with the discussion but I have yet to see Moxie threatening anyone.)
> AFAIK the Signal app doesn't connect to the Google servers directly, so even if it exists, the cookie doesn't get transferred anywhere. The Firebase Cloud Messaging library / Google Play Services on your phone do connect to Google but they carry unique identifiers, anyway.
It does connect to google's servers for pretty much everything [1] - you can look for these constants in the codebase and you'll find lots of things that would worry any netsec person, including the key backup related stuff.
Signal doesn't only use firebase for the sake of Push Notifications. Also have in mind that push notifications/firebase is unnecessary with a high priority notification, which is what e.g. other f-droid FOSS forks of other apps use instead.
> What legal threats? (I'm familiar with the discussion but I have yet to see Moxie threatening anyone.)
Granted, most of the discussions in LibreSignal's repo [2] got very heated very quickly. Can't find the twitter thread of @moxie at the time, and lots of replies in there got deleted from both sides. Maybe someone else can provide an archived version or screenshot? [3]
> Could you provide a source that's more accurate (...)?
Make an Access Point, use smartphone to connect to it. Run Wireshark, and you'll see what's happening. Use an AOSP ROM and use the Signal Download without Google Play Services (to be sure that it's not Google Play noise you're observing) [4].
> It does connect to google's servers for pretty much everything [1]
Have you actually looked at that code? It's for domain fronting[0], so nothing shady, and it's only used when you're in Egypt, UAE, Oman, Qatar, or Iran. Have a look at
> you can look for these constants in the codebase and you'll find lots of things that would worry any netsec person, including the key backup related stuff
I just ran a recursive grep on the entire repository and the file you referred to is effectively the only place where a google.com URL shows up in the code (apart from two or three more instances which are not suspicious, either).
Maybe I'm missing something, so feel free to prove me wrong, but right now my impression is that you're spreading FUD for no good reason.
> Signal doesn't only use firebase for the sake of Push Notifications
For what else does it use Firebase?
> Also have in mind that push notifications/firebase is unnecessary with a high priority notification, which is what e.g. other f-droid FOSS forks of other apps use instead.
That's news to me. OTOH I'm not familiar with the term "high-priority notification" outside the FCM realm. Unfortunately, a quick Google search only yielded results related to FCM. Could you explain what you mean?
> Granted, most of the discussions in LibreSignal's repo [2] got very heated very quickly. Can't find the twitter thread of @moxie at the time, and lots of replies in there got deleted from both sides. Maybe someone else can provide an archived version or screenshot? [3]
I remember reading all those threads (the one on GitHub and those on Twitter) back in the day and, honestly, I didn't come away impressed by the way some people treated Moxie. I've been in his shoes a few times now (trying to build a product that works – technically and economically – with team of anarchistic techies) and can empathize with the path he's taken. Not understanding his POV is no excuse for being rude, though. Now, since you posted the link, I went through that GitHub thread again and my impression has stayed the same. A few quotes:
> I must say, you [moxie] really are the worst anarchist I've ever encountered in my life; but I'm no authority on the matter. Writing good software doesn't give you a license to bully other projects around unless they give you a WhatsApp-level payout. How about you keep your narcissism tucked in so that secure messaging in general doesn't have to suffer from it? (https://github.com/LibreSignal/LibreSignal/issues/37#issueco...)
> That post [by moxie] is pure politics. It's a bunch of feel-good phrasing, cringe-worthy in its superficial slickness, that obfuscates what is really a giant policy-level middle finger from in terms of Open Whisper Systems shifting away from free software and into a centralized, All Rights Reserved commercial outfit. (https://github.com/LibreSignal/LibreSignal/issues/37#issueco...)
Here's what the people in the thread had to say who didn't get all personal:
> [Directed to someone else on the thread:] Whatever your take on what "the right thing" is, there is no need to get personal. And as previously said, Signal is free software - that entitles you to the source code, and no more. Noone is in the right to demand that OWS do anything else, and that includes most of what is being said in this thread. (https://github.com/LibreSignal/LibreSignal/issues/37#issueco...)
> I thank @moxie0 for replying when asked by @mimi89999, providing his (OWS) point of view in a polite and useful way, bringing up some truly interesting aspects of the issue. I can understand @cjeanneret's frustration, feeling just one step away from a truly free and secure messaging system, but this is no excuse for being rude. (https://github.com/LibreSignal/LibreSignal/issues/37#issueco...)
I didn't understand the hysteria about Whatsapp to begin with. Yes, Facebook doesn't exactly have great brand recognition but by all indications the TOC change didn't even actually change anything for individual end users but people kept bugging me about switching to Signal.
Compared to the ICO crypto shenanigans of Telegram and now this I don't see a reason to switch. People also kept trying to get me to use Brave instead of Chrome, and the first time I opened it there was crypto advertisement everywhere.
That's how I felt the moment they insisted on storing user's personal data (contacts, name, photo, phone number) in the cloud with no way to opt out of the data collection while also being very vague and elusive about it all in their communications. I'm feeling more and more justified in moving off Signal as time goes on. Jami had better stay good.
And to wit, the sync only occurred once major tech media outlets started to notice. Thus the sync happened to throw them off the scent. Pay no attention to the man behind the curtain, if you will.
That would only compromise metadata as signal is e2e encrypted and the client has always been opensource and up to date.
All the SGX stuff is about making metadata more private for features that absolutely must be done serverside. So a compromise in SGX is more an issue if Signal itself becomes adversarial or gets compromised. Most services only rely on this for security and don't use things like SGX to hide things from themselves.
I'm the CEO of MobileCoin. If anyone has any questions please feel free to ask here. We've been working on this project for four years and it has been a labor of love. There's a lot of new technology here.
We exist in a highly regulated space so it's possible some questions will require reaching out to lawyers to make sure we answer them in a way that's compliant so please don't feel offended if a response takes a while to come back.
The best set of docs for how the whole thing fits together is our book "The Mechanics of MobileCoin"[0].
We'll be around here and on our forums [1] to answer questions. Please also check out our foundation website[2]. The github[3] is also a lot of fun, especially the section on Fog[4].
Hi,
I still have to read the docs more thoroughly, but given that these HN threads die out quickly, I'd rather ask now that I have the chance, so forgive me if some of these are answered in the docs:
1. how does MobileCoin make money?
2. how many coins do you / does MobileCoin own?
3. related to that, are there mechanisms in place to prove that this is not a pump and dump? Or simply, how do I know it's not one and it's here for the long-term?
4. what's the threat model of the blockchain you're using? E.g. for Bitcoin, the chain is compromised once 51% of the hashing rate belongs to collaborative evil miners (as a rough approximation). What about MobileCoin? When would something bad happen? How is it prevented?
5. how does MobileCoin compare with privacy-oriented cryptocurrencies such as Monero?
P.S.: you might wanna add a F.A.Q. section somewhere for the questions I've mentioned and the others in this HN thread, right now we either have to blindly trust the claims on https://www.mobilecoin.com/ or going through the 133 pages of https://github.com/UkoeHB/Mechanics-of-MobileCoin, there should be some intermediate tech documentation (or does it exist already?)
I think the more pertinent question is how much of a stake Signal has in MobileCoin and why the details of this relationship are not being disclosed.
MobileCoin isn't even on the list of cryptocurrencies you can make a donation in.. which makes this seem more like a cash grab rather than something that was thought out.
1) MobileCoin will build a payments ecosystem around the protocol.
2) I have to check with the lawyers on whether we can disclose exact amounts, but our intention is to own a small minority of coins over the long term. We want the supply to circulate.
3) I don’t know how to prove this other than to tell you that MobileCoin is here to stay. You’ll know us by our deeds.
4) the threat model is 100% of nodes being compromised with an active attack against SGX. If there is even a single honest machine, the network will scream on any fault.
5) MobileCoin is fast and privacy-protecting (and it works on mobile without consuming tons of energy). There aren’t any other cryptocurrencies that presently fit that bill.
The correct answer to (1) was: "by selling the coins we pre-mined (85% of current float) at a high price, after using the popularity of Signal to pump the price further".
Can late MobileCoin adopters buy the same amount of coin for the same price as early adopters or is it a multi-level marketing pyramid scheme like the rest of the crypto“currency” greed and spam inducing cesspool?
MobileCoin is already liquid on multiple exchanges so the coins would just be purchased at whatever the market price is. It also doesn't make sense for late adopters to get the same price because there's a lot more risk associated with being an early adopter than a late adopter. This works both ways — if something bad happens to MobileCoin that tanks the price late adopters would be able to buy at a cheaper price because the new information gets priced in.
>“It also doesn't make sense for late adopters to get the same price because there's a lot more risk associated with being an early adopter than a late adopter.”
Often repeated but false. Early adopters mine or buy large proportions at negligible prices while late adopters mine or buy negligible proportions at large prices.
> It also doesn't make sense for late adopters to get the same price because there's a lot more risk associated with being an early adopter than a late adopter.
Other way of saying it, is that early participants in a pyramid scheme don’t have guarantees that they’ll find enough people for the scheme to be successful.
My question, to both you and (especially) Moxie: Why do you trust Intel SGX so much (for Signal but now also MobileCoin)? Why are you not worried about vulnerabilities? As you're surely aware, even Matt Green who is/used to be(?) the biggest fan of Signal[0] is very concerned[1] about SGX. I don't question your intentions but the fact that Signal as an organization has stayed completely silent about this is… worrisome and at the very least taints its reputation of openness and trustworthiness. With MobileCoin now relying on it, too (more or less), this only seems to be getting worse.
Elsewhere[1] in the thread it's been claimed your organization owns 85% of the total market cap of this coin. Can you speak to this? Is it true or not? If not true, what is the correct percentage? How much is left?
Thanks for answering questions, it's nice to see that MobileCoin shares so many similarities with Monero with changes that seems to make decent tradeoffs for usability. I have a few questions:
What is the identity and distribution behind the current mobilecoin nodes? What are the requirements for running a node? Since there is no node rewards how will nodes funded in the long term (10+ years)?
Does mobilecoin employ something similar to Dandelion++? What prevents nodes or those running fog from performing timing based attacks? Is mobilecoin suseptable to any other attacks (e.g. Poisoned output, subaddress association)?
How will the mobilecoin foundation and continued development be funded in the long term (10+ years)?
If SGX is found to be vulnerable/no longer fit for purpose is there a mitigation plan?
I don't run anything related to the protocol. The protocol governed by the MobileCoin Foundation, an independent board of directors. The foundation makes recommendations about how the network might behave, but ultimately it's up to the node operators to decide what code they run.
If that is true, what is it that makes it inaccessible to US individuals? My understanding is that a “real” decentralized cryptocurrency not misrepresented by the issuers will not fall under regulation like that.
Cloudflare lets you create custom error pages [1]. I would recommend making one for any geo-restricted pages. The benefit is that you can emulate your site theme and have an opportunity to explain the reasoning for the geographic restrictions.
Why do you feel the need to geofence it outside of the US? Where is the foundation based/registered? Where is the for-profit that you are the CEO of registered? How much is Signal getting for this?
Assuming an attacker fully compromises SGX for machines under his physical control (e.g. can execute arbitrary code inside an attested enclave), what can the attacker do/what security properties of MobileCoin break?
I know Moxie seems to put near-complete trust in SGX, but many security professionals don't.
Hi Josh! Why does nothing, in plain English, explain why MobileCoin should be used over another decentralized digital currency that exists? For example, if I look at your GitHub [0], the first FAQ item is about Intel SGX, and the overview is just...a blockchain overview.
Why does it make sense to integrate MobileCoin into anything? Why not use Monero or zCash? Sure, you can definitely explain this to me, but nothing explains that to general people on your GitHub page. Same thing on your foundation page, which simply has logos and "Private Payments for everyone" [1].
I've spent a lot of time working on blockchain and perceptually, it feels like you're trying to sell snake oil here. For example, the mechanics paper [2] starts with "Cryptography. It may seem like only mathematicians and computer scientists have access to this obscure, esoteric, powerful, elegant topic." Cryptography is a tool. What's obscure about it? People are using it right this second. Why is it esoteric?
The paper then continues with a brief overview of 'blockchains' (why the scare quotes?). In the same paragraph, it states that the purpose of blockchains is that "no piece of money can be duplicated or created at will" but this is only one of many points of the entire point of a blockchain. Why does it not explore other facets of blockchains if the goal is to be introductory?
Then, in the fifth paragraph, the paper remembers that people may not be reading this for the first time with no experience, and suddenly jumps up to 11, with this paragraph. Note, this paragraph is one single 91-word jargon-filled sentence:
> MobileCoin is a standard one-dimensional directed acyclic graph (DAG) cryptocurrency blockchain, where blocks are consensuated with an implementation of the Stellar Consensus Protocol, transactions are validated in SGX secure enclaves and are based on elliptic curve cryptography using the Ristretto abstraction on curve E25519, transaction inputs are shown to exist in the blockchain with Merkle proofs of membership and are signed with Schnorr-style multilayered linkable spontaneous anonymous group signatures (MLSAG), and output amounts (communicated to recipients via ECDH) are concealed with Pedersen commitments and proven in a legitimate range with Bulletproofs.
While I want to assume good faith here, I find that the blockchain community often has a history of attempting to "smooth over problems" with lots of jargon and hoping for the best. This sentence, when run through Hemingway [3], gives it a post-graduate reading level. But that's not anything about the cryptography: the paragraph/sentence is simply unreadable to most people. It serves no purpose in the middle of this section.
While I'm sure you'll mention that this is a preview document, you're pointing people to it as the primary resource for people to learn "how the whole thing fits together."
Other warning signs that make me wary are everywhere.
The foundation about page has the Intel, Azure, and IBM logos under a "powered by" footer [4]. The meaning is ambiguous, and the intent is clear: you want to use these big tech company logos, because they're recognized. Yet, this is the exact same thing companies do when they're sponsored by other companies. To the untrained eye, these are indistinguishable things. Is MobileCoin sponsored by Intel, IBM, or Azure? If not, you should remove the logos. It feels like a "trust play." You're not linking to any sites or providing any information as to your relationships with these companies, but it seems like you just have cloud services with Azure and IBM, and use Intel SGX.
There's a typo on the "Foundation Trusted Nodes" page (two words slammed together): "MobileCoin Consensus is built on trust relationships between individuals and organizations who are running MobileCoin Consensus Validator Nodes.Determining" [5].
So, I suppose, if I had a question, it's: why, in all of this documentation and all of the websites that you've linked to, is there not a single "you should use MobileCoin over Monero and zCash because of ..." comparison? Why does it seem more like it's interested in propping itself up and being trustworthy, rather than conveying details about how it's superior to its competition for mobile payments?
> MobileCoin also remains even more volatile than older cryptocurrencies, with constant price swings that will significantly change the balances in a user's Signal wallet over the course of days or even hours—hardly the sort of issue that Venmo users have to deal with. (Since March 27, MobileCoin's value has shot up nearly 600 percent, possibly due to rumors of the impending Signal integration or possibly the result of a "short-squeeze.")
> To try to tame that volatility problem, Marlinspike and Goldbard say they imagine adding a feature in the future that will automatically exchange users' payments in dollars or another more stable currency for MobileCoin only when they make a payment, and then exchange it back on the recipient's side—though it's not yet clear if those trades could be made without leaving a trail that might identify the user. "There's a world where maybe when you receive money, it can optionally just automatically settle into a pegged thing," Marlinspike says. "And then when you send money it converts back out."
Are there any tax implications of sending someone cryptocurrency that has appreciated? Say you owned 1 million in mobilecoin a month ago that is now 6 million, can you just send it to someone and avoid the capital gains tax? And if not, do apps like Signal have to report these earnings on transfer from mobilecoin to USD? (since signal plans to facilitate it in some way)
This is going to vary from country to country. Sometimes, only the conversion to fiat is taxed. I think that generally any transfer to another person is taxed too ?
The project is brand-new, what do you expect? In any case, the end-game is to use MOB for the transaction and instantly convert to fiat, so volatility would not be of concern to the end-user
Exactly. Inside MobileCoin, transaction amounts are disguised. But if every MobileCoin transaction is preceded and succeeded by conversion into national currency at a centralized exchange (to whom you are not anonymous) then using MobileCoin becomes completely pointless.
Then why use Signal at all? You had to have KYC to get a phone number in most countries which you had to give to Signal which could expose your location etc via tower pings to anyone you communicate with unless you port it to a VoIP number (how many know how to do that?)
You also had to provide a phone number to get a Google or Apple account to install Signal because anonymous signed install methods are not supported, which moxie says is intentional to collect analytics.
Signal may have end to end encryption but being anonymous is a clear non goal.
>You also had to provide a phone number to get a Google or Apple account to install Signal because anonymous signed install methods are not supported, which moxie says is intentional to collect analytics.
Signal distributes a standalone APK for android, which does function without google play services.
Yes it functions, like on my de-Googled Pixel 3a running GrapheneOS. But it's not particularly reliable in my experience, especially if you don't have the gapps services.
You must turn on Untrusted Sources which disables meaningful signature verification.
Now you must hope you don't get MITMed every time you update.
It is a joke they seriously expect people to sideload.
They need to provide a deterministic and easily auditable F-Deoid repo or let the F-Droid team compile/sign it for them.
Neither will happen though because moxie has been very open about the fact he wants the analytics that comes with google/apple tracked installs, user privacy be damned.
Not entirely true. On recent versions of Android, you are asked to give "install untrusted apps" permission on a per-source basis (e.g. I downloaded an apk from Chrome, now I have to allow Chrome to be a source of installable apks).
Also, it doesn't disable signature verification at all -- it just changes to what is essentially a TOFU model. You can verify this by installing, say, NewPipe from vanilla Fdroid, then adding the NewPipe repo and installing a build from there. It will fail unless you completely remove the original app (from all the profiles on the device!) and install the new one afterwards. This is due to different signatures between repos.
In any case, I agree with your wider point about Signal's rather concerning distribution strategy. I would like to see inclusion in Fdroid, or at least a custom third-party repository. Unlikely though.
I don't think Signal has any plans to scan your driver's license. What they've built is a non-custodial wallet (IE, they can't help you if you lose your keys, and they have no ability to authorize or deny a payment on your behalf).
In my opinion a lot of the spicy regulatory issues around coins with private transactions are still not fully realized because none of them have mainstream adoption. The problem here is that Signal's goal to succeed as a mainstream encrypted messaging client could have the unpleasant side effect of bringing this technology under regulatory scrutiny.
Hopefully things won't come to that, of course...
And they need to exhaustively verify who is really buying these to be sure they really aren’t in the US so they don’t end up in a Bitmex style situation.
The larger problem here for Signal is US legal claims could nuke it off the (very) centralized Apple App Stores and Google Play Store. Then what?
> To try to tame that volatility problem, Marlinspike and Goldbard say they imagine adding a feature in the future that will automatically exchange users' payments in dollars or another more stable currency for MobileCoin only when they make a payment, and then exchange it back on the recipient's side—though it's not yet clear if those trades could be made without leaving a trail that might identify the user.
You don't need to KYC as it's just a mobile wallet — same with all the other crypto wallets out there. I'd be surprised if Signal integrated features in the future that require KYC.
You already need KYC in form of a phone number that can receive SMS. In many countries, that is not possible without government ID and being a resident.
In my country it’s actually easier to legally open a verified trading account on a local cryptocurrency exchange than it is to get a voice/SMS SIM if you’re not a registered local resident.
> MobileCoin only began trading as an actual currency with real value in December of last year—until then, it was running as a valueless "testnet"—and its 250 million coins, at around $69 each, are currently worth almost $17 billion dollars in total.
No. This is simply not true. You don't arrive at the value of a set of "things" by multiplying the best price for a single "thing" by the number of "things" you want to sell. That's not how the world works.
If I sell you a printout of a drawing for $1, printing out a trillion copies of this drawing does not make me a trillionaire.
> For now it's listed for sale on just one cryptocurrency exchange, FTX [...]
Great. So let's see what the actual value of this token is, by looking at the order books of the markets on the FTX exchange where this token is traded. There are two markets:
The most liquid market appears to be the MOB/USD market, so I will focus on this.
The MOB/USD order book tells us that, if you wanted to sell as much MOB you could while pushing up the sell price by at most 10% (from 61.15 to 67.27), you would end up earning $2.5MM USD.
If you consumed all sell orders (that are displayed on the site) the sell price would be pushed up to 73 USD per MOB (a 20% increase) and you would earn a total of 3.75MM USD.
Now, compare this figure to the alleged value of this token (17 billion USD). The actual value -- let's be generous and say 10MM USD -- turns out to be just ~0.06% of the claimed value of $17 billion USD.
No, it’s not the same with stocks. With stocks, as a majority holder, you can make the minority an offer that everyone is forced to accept if a majority of the minority accepts it. This is why market cap is relevant to the stock market, but not e.g. the forex or commodity market.
What I was saying was if everyone wants to sell and nobody wants to buy, the value is zero. This is true of all markets. The market cap is always determined by the last matched order, not the total that you can sell the whole market for.
Again, Signal shows there's some undercurrents going on constantly in the organization and bringing private and ethical messaging solution to the public is not the sole goal. Another affirmation for those who kept on recommending Matrix/GNU Jami/XMPP instead.
At this point, if you really need this broad functionality Signal are aiming to provide, why not Status.im? At least their tech is cool.
Ah, the quirks of English language. I hope it's clear messaging here is a noun modifier (is it an "attributive noun"?). This noun and two prepositive adjectives modify the same noun "solution".
I was concerned about how signal was monetising. They barely receive any scrutiny and people take them at their word too much because they are supposedly non commercial.
Interesting that the terms "keybase" "steller" "lumens" haven't showed up once on this page yet, considering how similar this seems to what Keybase did by integrating Stellar Lumens, and going downhill from there.
Hopefully Matrix/Element continues on their current path and doesn't ruin their chat protocol/client by pushing some altcoin onto their userbase.
Well, if any cryptocurrency is to gain really wide adoption, this is the way to go: integrate it into something a large number of people already use. And judging by what WeChat does, a chat client is an excellent choice - after all, money sending is a way of communicating something (an abstract form of "value" in this case).
I only wish it were done differently - maybe we'll get answers to these questions:
- Why not airdrop everyone a 100 pieces of whatever coin (or even just 1, assuming the coin can be subdivided into tiny bits)? I'm asking because I believe the value of this kind of coin usage will come from its daily users, not from exchanges, but that's a long game. Even if today it's worth 0, if the UX is good enough and it proves to be secure, people will start assigning value to it.
- Why pick a cryptocurrency almost noone has heard of? For example, related to the above question, why not buy or mine a million Doge and gift every account a 1 doge (presented as 1 thousand mili-doge)? People will start assigning (more) value to it sooner or later if it's easy to use. Feel free to substitute almost whatever instead of Doges (maybe something with PoS and give the users the warm fuzzies with apparent increase in value).
I feel like I can answer the second question, the reason why they are using the unknown coin is because thats how they make money, they get into a shitcoin (https://coinmarketcap.com/currencies/mobilecoin/) that they already have mined a good amount, using Signal popularity, then pump it to the moon(like they say) and sell their positions.
INAL but an airdrop may run afowl of securities laws. As for the seccond point I think the choice is actually pretty apt - most other cryptocurrencies aren't private and those that are aren't especially user friendly (they cite block times).
Since Signal's sever is centralised, uses SGX and they have no intention of federation it makes sense that the cryptocurrency they chose has similar tradeoffs.
Putting people's privacy in danger with fake privacy coins is a devastating error. Mobilecoin is a scam. The only private cryptocurrency that works is Monero. I now can only believe Signal has sick motives or is a honeypot. Extremely sad since I even convinced my family to use it but now I will turn away.
Not quite true; zcash is best-of-breed and works well. Dead on for this being a devastating error though. I regret advocating Signal, and this destroys Moxie's credibility in my eyes. A shame, because the Signal team did good work to bring strong encrypted communications to the masses. Instead of focusing on fixing usability, stability, and group messaging that scales, they push this in (which nobody asked for) just to make a few people rich through network effects.
Mobilecoin is a pre-mined Monero rip-off (that Moxie has clear links to) with centralised Ripple-esque consensus, and puts UK Signal users into uncharted regulatory waters. Downright sleazy.
Mobilecoin was flat for long time at around $7 and then on March 28th started a dramatic rise to $66 today.
There were rumors in late January that Signal was looking into Mobilecoin but that seems unrelated, and I'm not sure I buy a short-squeeze scenario as mentioned on Twitter.
I'm not sure this solves any problem users have. Due to the nature of Signal requiring the phone number of the counter part to be in the phone book this feature will mostly be usable with friends or people you know directly. A feature which some users might want is to easily send money to a friend. These transfers will therefor be inherently be based on the countries currency. I'm not sure people will accept a cryptocurrency which value fluctuates in relation to the normal currency.
For other uses cases they can use a cryptocurrency directly (even MobileCoin) from another app.
I can understand that cryptocurrencies are very interesting from a technical and cryptographic point of view. But in their current state most of them a more for speculation and doing state of the art computer science.
Therefore I think this totally useless in the signal app.
Feels like a gut punch, I feel horrible asking people to switch to signal after buying into signl marketing, all of that now seems to be a ruse for their ecoin business.
After reading a little about founder, who is described as "investor", "cryptocurrency hedge fund manager", and inventor of "protocol". I am done with signal. What a f*kin ruse.
Deleted the app. Also left a note in status so others can see the msg and delete the app also.
But not the fact that it's going to be directly integrated into Signal. The CEO of MobileCoin is in here saying that he started it as a way to fund Signal, which from what I can tell, wasn't public knowledge until today. So he gets to monopolize a currency that was mostly worthless, knowing that it would be directly integrated into a popular application, greatly increasing its value. If that's not a scam, I don't know what is.
They also strongly de-emphasized any connection, saying he was only an advisor. Now it's paid CTO and that funding signal with it was the plan all along...
> But not the fact that it's going to be directly integrated into Signal
To be honest, that was exactly the impression that I got back then. So to me, yesterday's announcement was no surprise at all. Whether I like it, is a different matter.
Everything on the internet is being corrupted with adding cryptocurrency scams where they absolutely don't belong, it turns Signal from an obvious recommendation into something that makes me hesitate. There's something to be said for focusing on doing one thing well, and that doesn't mean turning a communication platform into a kitchen sink.
"Please don't post shallow dismissals, especially of other people's work. A good critical comment teaches us something."
"When disagreeing, please reply to the argument instead of calling names. 'That is idiotic; 1 + 1 is 2, not 3' can be shortened to '1 + 1 is 2, not 3.'"
Signal is competing against some big players in the messaging space, at least some of which have money transfers. As long as they abide by their principles and none of these features impact privacy, I don't see how it wouldn't be viewed as a win.
A case could be made for it being bloat, but most consumers don't care, and for Signal (or any messaging app) to be successful, it needs to appeal to the common denominator.
And frankly, if this means I can send money to a friend without Google getting yet more data about me, then even better.
Signal needs to be reliable, safe and have a low barrier of entry to achieve its goals of allowing widespread private communication. I thought that when I recommended that my peer group use it (at this point, all of my normal contacts use it extensively), I could trust that it would remain clearly focused on its mission- now I'll need to recommend it with a caveat to just click through the scam marketing, ICO offers and "airdrops".
You’re being really cynical in a way that doesn’t reflect the reality of the situation. This doesn’t entail scam marketing, ICO offers, and airdrops just because that’s something that happens in a lot of the rest of cryptocurrency space.
You missed the point. Even if Signal doesn't do the typical cryptocurrency scam behaviour, I now somehow need to try to explain to people why it is different to every other thing in the space that does act like that. On the face of it, if we assume that the inclusion of MobileCoin in Signal is completely benign, it's something that's never happened before.
Smoking causes cancer, but smoking these specific cigarettes won't. Do you see the problem with trying to describe such an absurd situation to somebody?
You're making a different point now though, you're saying that people will associate it with scams which will hurt adoption. You initially wrote that the UX would be so bad that you'd have to convince users to bear with it anyway.
I don't know how they implemented it on the client side, but it's possible they kept it light, as they've been doing since the beginning. We'll see soon enough.
In terms of reputation, this is a long-term battle. Signal used to be quite unreliable in a lot of aspects, and hurt adoption. Now it's much better, making the migration from other messengers way smoother. If they're able to implement safe, private and convenient payments, that's one feature other messengers won't have to lure users away from signal.
> You initially wrote that the UX would be so bad that you'd have to convince users to bear with it anyway. I don't know how they implemented it on the client side, but it's possible they kept it light, as they've been doing since the beginning. We'll see soon enough.
I think you're confusing UI and UX. Yes, the UI could be kept light but the user experience can still be confusing because a payments feature is… surprising. Why would a messaging app come with a payments feature if not to make money and exploit the user?
Not saying that this is happening here but this is what people think, i.e. the emotional experience.
> just click through the scam marketing, ICO offers and "airdrops"
That's what I meant by UX.
> user experience can still be confusing because a payments feature is… surprising
Everything new is "surprising", that's a low bar. Chat apps in China have had this feature for years now, and it's also a feature in WhatsApp, a direct Signal competitor.
If you're that concerned about third party processors, most banks and credit unions provide their customers a way to send money between people fairly simply.
Signal providing this functionality is scope creep.
Scope creep? Perhaps. But then so are voice calls, video calls, sending pictures, GIFs, etc. None of those things are core to the experience of sending "lol" to a friend. Despite the very correct statement that there already exist services which do those things.
Yet, those features have almost become synonymous with messaging apps. The market and consumers seem to want these services combined, so here we are. My point was that sending money is a feature that more and more messaging services have. Hangouts (or whatever the hell it is called these days), Whatsapp, Telegram, etc.
Personally, I would have liked it more if this wasn't tied to some no-name cryptocurrency, but oh well.
> Scope creep? Perhaps. But then so are voice calls, video calls, sending pictures, GIFs, etc. None of those things are core to the experience of sending "lol" to a friend. Despite the very correct statement that there already exist services which do those things.
I think those would all be considered in scope for a chat platform--theyre all various ways to share and communicate.
But they're not adding a "money" transfer option, they're adding a "MobileCoin" transfer option! For the overwhelming part of society, these are not interchangeable terms.
When people want to send "money" to other people, they usually imply that they want to send units of the local currency, like USD or EUR. And they usually imply that the value of these units should stay the same during transfer. If I want to pay my share of a restaurant visit to my friend who covered the check, I'd like the 30$ I'm sending to still hold enough value when they arrive in his bank account to actually cover my share. A cryptocurrency intermediate that swings +/- 20% in value within minutes (and that we both have to pay conversion fees in order to acquire/redeem for $) is of exactly no use at all for such a use case.
Before you label MobileCoin a scam, I would encourage you to take a look at the Github. I think you'll see that we've made a lot of very carefully considered choices on how to deliver a great payments experience without many of the compromises other cryptocurrencies have chosen. Of note, the speed of transactions, much greener energy design, privacy-protections, and mobile-first UX are differentiators. Many cryptocurrencies have some of these features, but I don't know of any other that has all of them.
Believe me, I have a lot of feelings about how absurd cryptocurrency has become in the last decade. At its core, I still believe that there is something beautiful in decentralized ledgers and I think that this is the way that the world will settle debts over the next hundred years. Signal chose MobileCoin because nothing else met their performance and privacy standards. In order to meet those goals we wrote a lot of new technology that is fundamentally different from how other cryptocurrencies are architected today (check out our oblivious RAM implementation, for example: https://github.com/mobilecoinfoundation/fog).
I love Signal and I started MobileCoin to help fund their work. For me, a world with Signal in it is a better place.
> Signal chose MobileCoin because nothing else met their performance and privacy standards.
Signal has obvious financial connections to MobileCoin, something that frankly nobody else has ever heard of before today. I find it really difficult to believe that MobileCoin paying Moxie (which you've acknowledged), and Signal/Moxie happening to choose MobileCoin for inclusion in Signal when nobody wanted it was a coincidence. It's insulting to the intelligence of the reader to even make that claim.
> Before you label MobileCoin a scam, I would encourage you to take a look at the Github.
That's significant in this space, because it implies that he does not benefit directly[0] from speculation on MOB, and so has less incentives to get involved in a pump and dump.
What I would still like to see for more transparency:
- legal commitment from the Signal Foundation that no employee owns any MOB
- disclosure of money transfers between MobileCoin and any Signal Foundation employee
Maybe some of this information could already be extracted given the statuses of the entities involved?
[0]: he benefits indirectly because if MobileCoin stays up, he'll probably stay as a technical advisor
The article says “Marlinspike has served as a paid technical adviser for the project since its inception” in the same paragraph, so I would say the article is quite clear on the financial relationship.
The problem here is not that people think that MobileCoin is not a useful technology or is not innovative. From what you are describing it actually seems like a good combination of features that are particularly suited for the messaging use-case.
The problem is in the way the coins were pre-mined. It seems (we don't really know from the outside) that the knowledge that Signal would be using MobileCoin has been known early on. With that knowledge it is very easy to make money by pre-mining coins. The proper analogy here is insider trading. It is immoral and that is why people are calling this a scam.
If they didn't use some random 'coin' no one has heard of I'd be on board. They're trying to compete in a bad way. They should simply just use Stripe and be done with it. People want an alternative to facebook messaging and PayPal. They don't want superfluous cryptos.
Agree. It would be OK to make Signal able to integrate payment systems and make this thing compatible with that or with any other comm that implements the interface. Tying them together is pernicious.
Anyway Signal is itself pernicious by being tied to a phone number and to Google Play services, and by being very choosy about who gets ports.
I had high hopes for Matrix, once they got E2EE, but they have flubbed that by requiring a very heavyweight bounce server that won't fit on (e.g.) your typical home router or super-cheap cloud VM. Matrix should enable a place to keep your message archive independent of the bounce server, and allow gatewaying a non-public storage service via the lightweight bounce service.
But Element.io's business model is tied to heavy-weight bounce service.
Just as a quick note, I run Synapse (the heavyweight server, not Dendrite the light-weight one!) for myself and a few friends on a modest 1GB of RAM VPS with a few bridges and have no problems. Looking forward to Dendrite getting feature-parity and swapping over to be even lighter.
Mastodon, Matrix and others suffer that issue greatly. You can't really run single-user instances without running a gigantic installation, when a minimal implementation of their protocols should have no footprint to speak of.
That was the case a few years ago. Matrix' server software has improved a lot since then. It doesn't use much resources anymore. Though there still is a large CPU spike when I join a really large room (500+ users) for the first time.
speaking as CEO of Element, our business model is really not tied to Synapse being heavyweight at all - just the opposite. We provide Synapse hosting starting at $2/user/month, and so it's critical that running a server (including sysadmin) costs us as little as possible in order to be above water. We're not competing against self-hosters, but catering to folks who aren't sysadmins and so want us to host for them.
And as others have said, Synapse really isn't that heavyweight these days (thanks in part to the performance improvements driven by Element!)
> Anyway Signal is itself pernicious by being tied to a phone number and to Google Play services
It's not tied to Google Play Services, you can download a standalone version from signal.org. As for phone numbers, the developers have been working on getting rid of them for a while now – there's already a good amount of code on GitHub.
With all due respect your comment seems to be coming from an extremely privileged position. In many parts of the world, people do not have the luxury of basic banking, where storing and sending money is fraught with risk due to corruption and a lack of infrastructure. Take a look at M-PESA [1] for a "last-gen" solution using SMS.
I think what Signal is doing with MOB is pretty important work for many non-western countries, and I wish them all the best.
Cryptocurrencies don't solve third world banking, at all. You still get paid in fiat, which you then have to convert to crypto (using a bank), and you will never be able to have most people get paid in crypto because then the government can't get taxes reliably (thus they will ban it).
Crypto currencies don’t really solve the problems with a lack of banking infrastructure. Usually people need some way to get actual physical cash (remember, we’re talking about places where people don’t really have access to modern banking systems, not places where most people have bank accounts and credit cards) in and out of the system. It’s a nice idea if everything magically happens in your digital system but I don’t think that can happen without a credible way to bootstrap it involving lots of moving physical cash first. I don’t think it’s credible to hope for third party exchanges or tiny local businesses to provide these services, and I also don’t think it is credible to expect people living in these underdeveloped places to take on the risk of price volatility in some random cryptocurrency.
If they weren't using this as an opportunity to pump some shitcoin, this might make sense. Bitcoin Lightning integration would be much less suspect, for example, because A) it's already well established B) they're not going to make a quick buck off it.
This reminds me of when Keybase integrated Stellar Lumens. It was never the same again.
If they really must integrate crypto with the main app I'd rather they used a stablecoin since a highly volatile cryptoasset isn't very useful. Also, I can't be bothered with the tax implications.
I don't know if crypto is good or bad, but I can't imagine this feature driving Signal uptake. It would be better to focus on allowing ordinary payments in GBP via Signal. Even if the payments themselves weren't private, the messages still would be.
According to coinmarketcap, MobileCoin's "Fully Diluted Market Cap is $15,638,578,369.65". If we take a conservative assumption of a 1% advisor grant (which would be very conservative for a system that has been pitching signal integration as its primary feature for years), then that would put the value of the integration at around $150 million today (or tens of millions a few weeks ago).
Moxie, as an individual, is a paid technical advisor to MobileCoin but the reality is that we could never pay Moxie what his time is worth. I am thankful that he has chosen to help make this project a reality.
I've been a longtime signal user (since the textsecure/redphone days).
I've always given moxie a pass on his controversial decisions (no federalisation, no 3rd party clients, no fdroid repo, relying on Google play services, being slow to release serverside source code) because the team was small and obviously had to cut corners somewhere.
But learning that they spent their time adding support for a (premined?) cryptocurrency just because it's Moxie's pet project is disheartening.
What are the odds that this would've been merged into the project if it had been a merge request opened by someone from the outside?
What are your (you guys) opinions on Session (https://getsession.org/), the Signal clone that uses Tor, and no phone numbers? Any significant downsides? Anybody know the team there and can speak on their trustworthiness, longer term intentions etc? What about the code they've added? Anybody review that? At a quick glance it looks like a decent but less user friendly alternative (no phone numbers - good for privacy, bad for grandma's to be able to adopt it easily). Thanks.
Signal is entirely centralized and Moxie runs the organization.
For all intents and purposes Moxie is 100% in control of the Signal network and could shut it down or release a malicious update that plaintexts messages at any time.
And a reason surfaced to continue to connect users to their phone numbers...
>>The UK also has receiver verification. If I try to send to an account and it doesn't match the name I'm sending to, my bank will warn me. How do you stop impersonation?
A: Signal relies on phone numbers for identities. Other apps that integrate MobileCoin may have a higher threshold for identification.
If even Signal is compromised, I'm debating just going back to WhatsApp for convenience and assuming that every message I send and every contact I have is fully public information that can be used by advertisers and governments to profile me.
Questionable UX in the flagship/reference Element client, and it's laggy/slow no matter where your homeserver is hosted. After so many years, it's still a curiosity and for-hackers-only experience that's pretty much just like IRC but with lots of lag. I'm about ready to to give up on it.
I still love the idea of it and I hope it actually gets good/usable one day. Until then, I can recommend it only if you want to be an early adopter, but not if you want a good experience.
That's fair. I guess maybe it's different when you have a group of people who actively use it.
It's certainly not the IRC/Discord/Slack replacement that I was hoping it'd be, where lots of "randoms" can join and a community develops.
The UX is still going to be unacceptable for most non-technical people, so I definitely can't convince my friends to switch from Discord, even for our private group.
I am incredibly disappointed in the Signal team. I don't want cryptocurrencies (or even any payments!) in my primary text app. Crypto/blockchain is fine, but if I want to use it I'll download a different app.
I'm finding this announcement creates some uncertainty in my head about Signal's long-term future.
> Signal Foundation is a 501c3 nonprofit. We’re proud of that designation and we’re out to prove that a nonprofit can innovate and scale as well as any business driven by a profit motive.
Yep, that is one option, though that doesn't seem like the route Moxie wants to take from what I've seen. He seems to think that you need a cohesive centralized platform if you want to be competitive (2016)[1].
At this point if you want federated it probably makes more sense to just use Matrix.
It is. Monero community seems to have made so many choices that prove it is dedicated to the "digital cash" use case (dynamic block sizes, constant tail emission, etc).
Similarly dissapointed but looking at Signal's past choices (barely open source server, no plans to federate, aggression against modified clients, extensive use and lack of criticism for SGX) monero wasn't even on the table.
Using an established cryptocurrency doesn’t provide a good way for them to profit.
MobileCoin is pre-mined and the majority of coins are held by founders and the MobileCoin organization. They want to sell you coins, so partnering with Signal to force you to buy their coins to transact on the app gives them a revenue stream.
If they simply added Monero, they wouldn’t be able to sell you coins.
Only thing I can think of off the top of my head is optics (most of the installed userbase for signal has probably only ever heard of monero in a negative light).
Multiple reasons why MOB over monero but I will state only the most practical one, using the stellar consensus a tx takes 3-5sec. With monero that's more like 1-2mins if Im not mistaken which is a big no-no for the usecase of instant mobile private payments. Fees are also super low w/ mob (0.01)
XMR transaction can show up instantly once they are in the mempool, a user does not have to wait for a confirmation to see a transaction. Obviously there are uses where you want to wait for confirmations, but for the use case of sending money to friends it isn't necessary.
Using 0-conf is restricting usage to "friends only" which is a tiny subset of who you may want to send money too so I think you've already answered this.
Also moxie replied in his twitter about why not monero stating they wanted a "non custodial" integration, not sure what he means but you can ask him.
That's very unfortunate. When I installed Signal, I didn't mean to open another account in which taxable assets can be traded.
In the Wired article, they argue why this doesn't put a target on Signal's back as they are not becoming an exchange. Good for them, but what about Signal users' backs?
With this feature, the range of reasons why the authorities might justifiably want to have a look at the contents of my Signal app has just widened dramatically.
If you're using this feature in the UK, you are well advised to read the HMRC guidance on the taxation of cryptocurrency:
They basically only work if I'm on a great Wifi and the other side is too. As long as the connection isn't perfect, the only way to continue the conversation is on Whatsapp (or Zoom).
I thought Session(1), a signal fork, was ridiculous for adding a crypto currency, but now Signal is doing it too?
I don't want this stuff in my messenger. It's supposed to send messages, not money. This is just going to accelerate my departure from Signal - or at least the official client.
Is this encouraging governments to insist on access to Signal, adding risk to their core product? Assuming govt haven't already, or that number is limited, adding hidden transactions seems a great was for increased government attention.
Side point, I think one of the greatest and less discussed risks of crypto is government. Its hard to see them allowing loss of currency control. Currency is so economically important for control & profitable e.g. There much talk the support on the attacks on Libya/Gadhafi was in part due to his desire for an independent currency. So unless crypto spreads so widely pre-regulation its politically unviable to move against, I wonder if we will see governments step in against crypto, at least as a day-to-day transaction option at some point.
On some level, they can't prevent you from just using the backend. Unfortunately just maintaining a fork with different branding is essentially a full time job, I used to do this so that I could use a work and personal number in two instances of the app but it was too much effort to be worthwhile.
The arguments against federation would also apply to this solution. Given that they don't like federation, it's logical that they also reject this approach for their payment solution.
Not a very surprising choice given Signals current use of SGX and reliance on their centralised server. It's a bit of a shame as MobileCoin doesn't offer as strong guarentees as other privacy coins but I'm interested to see how they maintain privacy whilst peg the transacted value - I can't imagine how they wouldn't have to rely on an exchange for liquidity.
SCRT network is a similar project that uses SGX but supports smart contacts so they could have a Maker like pegged token.
I can't wait till we stop sprinkling bitcoin over everything. At least when we go back to ads we'll stop getting the spam from bots trying to claim their free $0.00003 in cryptocoin of the week
So when Keybase added Stellar support for payments, this was met with lots of hostility and disappointment, such as 'cryptocoin bullshit' [0] or 'Yeah, I am not going to use any product associated with anything cryptocurrency. Just smells bad. [1]
Now the same thing has happened on Signal; HN's favourite messaging app. So why is this met with warm welcoming arms especially when they are also going into cryptocurrencies?
Maybe the HN sentiment back then was filled with those who missed the crypto bull-run of late 2017 and the same ones have missed it again last year.
No warm welcome by me.. on the lookout for something different again. Btw, for people using Keybase and considering an alternative, have a look at https://keyoxide.org .. project still young, but very promising plus they intend to only focus on the core features. No chat or other stuff mixed in.
At least Keybase chose a coin that has existing brand-recognition and somewhat reasonable decentralization (in terms of existing holders and nodes) and liquidity.
MobileCoin smells so much more like a ruse than Stellar.
First, indeed the sentiment changed radically between now and then. For some reason, this subject has always attracted irrationality on HN. Back then any comment vaguely positive about cryptocurrencies would accumulate downvotes, now threads are full of clearly invested shills (you can see it in this very thread).
Secondly and more specifically, Stellar, being a simple Ripple fork with an equally dubious token distribution, was a weird fit for Keybase.
MobileCoin, while having some of the same downsides (federated, centralized token holders distribution) has a more interesting design, and is closer to the actual cryptocurrency/cypherpunk spirit thanks to its fully private transactions and balances.
This is raising red flags for me, not only due to the stake some within Signal have within this obscure coin but due to them trying to turn a messaging platform into a payment platform. If they feel like they want to contribute a payment solution, they should do so in a separate product offering.
And I'd just managed to convince a quorum of my friends to move from WhatsApp to Signal. At this rate I'm going to be using Mixmaster remailers and talking to no-one again before the year is out. Remember Keybase ICO? I try not to.
There is a near zero-chance my friends and family would have done this without buy-in from their nerd contact. I sold it hard. And this same nerd has been talking about cryptocurrencies too, almost exclusively that they are at best tulip-craze scams, at worst just a way to bait drug dealers and law enforcement onto your device. Not to mention the hideous environmental impact (and you are about to talk about proof-of-stake, just ... don't.)
I can not stress enough how much I want this experiment to fail.
This is one of the primary benefits of a messaging client that uses Matrix [1], if one app becomes undesirable there are dozens of compatible apps! [2]
I highly recommend giving Element [3] a try - it's polished and easy for non technical people to use, end-to-end encrypted and OSS.
I think it's interesting that they do this in the UK. The UK has a bit of a history when it comes to financial innovations. E.g. the first national bank was created there, it's still a major financial center, and it's a country that is very dependent on international trade and literally built the foundations of the modern financial system in the seventeenth century at the same time they took over management of their huge empire. It's no coincidence that those two things happened at the same time. Their new financial system funneled huge amounts of trade through London, which in turn allowed it to go out and conquer the world. Basically they scaled trade by de-risking it. Before banks, you had to move gold around which was slow and exposed you to robbers. After banks happened, you had messengers transferring bills to each other. The Spanish were still shipping (and occasionally losing) tons of silver across the Atlantic at the time and that was their whole premise for their empire.
The UK recently removed themselves from the EU so they are once more in a position where they can play host to new financial instruments and potentially benefit from that. Crypto currencies have the potential to be very disruptive to the modern financial system. Not the worst move for them to allow some experiments to happen in their jurisdiction. If something like this takes off, it has the potential to capture quite a bit of value. If it doesn't work out, it's easy enough to get rid of it.
It's also interesting that particular block chain is based in San Francisco. The SEC is allowing this to happen, apparently (probably for the same opportunistic reasons the British allow this). These MobileCoin guys are well funded apparently and not by means of an ICO but by good old VC cash. VCs are smelling money, that's why this stuff is happening and why the SEC is being a bit hands off here. There are quite a few block chain companies operating in the US actually. There already is quite a bit of VC money locked up in that.
It's also an interesting counter move to Facebook's Libra as well and kind of embarrassing for them that particularly Signal is doing this given that it is backed by one of their former Whatsapp founders. Libra in turn was a counter move to Telegram's plans (yet to materialize) and inspired by China's WeChat.
HN crowd is too "first-world" centric : to me this is an attempt at taking over digital micropayment that ubiquitous now in third world economies where the informal economy is strong, and not everyone has access to banks, payment cards/terminal for your "side of the road" business, but now (cheap) smartphones are everywhere. At least that's how I would market the stuff if I were signal
Imagine I have a private key to an address with 10 coins. Imagine I spend the same amount of money (10 coins) on Mars and Earth at the same time. There is a 10-lightminute gap between Mars and Earth. Assume Mars and Earth have a similar number of Stellar nodes. What happens in Stellar Consensus?
Stellar actually does nothing to prevent double-spends as it is the consensus layer and not the ledger. The ledger prevents double spends in mobilecoin by using a proof called a "key image" which is part of CryptoNote (https://bytecoin.org/old/whitepaper.pdf). Essentially, a ring signature is produced by the user which says "one of these N transactions belong to me" and the key image proves that one of the members of the set is a valid transaction without revealing which transaction was valid (and preventing future reuse of the valid input).
> The MobileCoin Consensus Protocol solves the Byzantine Agreement Problem by requiring each user to specify a set of peers that they trust, called a quorum. Quorums are based on the real-life trust relationships between individuals, businesses, and other organizations that compose the MobileCoin Network.
How does this solve network splits or honest disagreements?
If you can find a way to do ZK-proofs that work in the time constraints that we have (1-3 seconds end to end transaction completion and finality), then we'll switch to them. Right now this is the only way we could get the performance we wanted.
As someone who works on ZKPs, that's very doable :)
In a Zcash-style spend circuit, the bottleneck is typically the Merkle inclusion proof, which takes say 32 hashes (assuming a limit of 2^32 note commitments). If we're comfortable with using one of the newer arithmetic hashes like Poseidon, that's about 10k constraints. Any of the modern argument systems (Groth16, Plonk, STARKs, etc.) can give proof times well under a second with a circuit of that size. If we want to optimize further, we can get proof times down to around 10-20ms (single-threaded) by using an arithmetization that's carefully tailored to our circuit's bottlenecks.
If we stick with traditional primitives like SHA-256, the circuit becomes substantially larger, but with modern techniques we can at least get proof times under a second. Happy to talk through the options if it would be useful.
We wanted more guarantees around safety. Stellar isn't written in Rust and Rust has some very nice safety properties that we felt were valuable enough for a full-on rewrite. We also wanted to be able to hand-tune the performance of the system, and the only way we could really get to that level of control was to do it ourselves.
Finally, we wanted to perform consensus on encrypted values so that the nodes wouldn't be able to censor transactions.
Stellar is essentially a liquid democracy system similar to DNS. The core proof at the heart of David Mazieres paper is that in a densely interwoven graph, any set of nodes in a quorum slice reaching consensus is graph consensus. Regarding Sybil, nodes define their own trust relationships, so membership is open but not automatic.
> Regarding Sybil, nodes define their own trust relationships, so membership is open but not automatic.
Thanks for clarifying!
So you're expecting people to
- manually add peers to be able to use the network.
- manually monitor the said peers for if they do malicious transactions, and manually ban them if yes.
Right?
How is this supposed to work considering that:
- most users won't care about manually adding peers. They'll just add EVERYONE who offers to be added so they can be done with it and use the system.
- most users probably won't even understand what a malicious transaction is in the first place.
- the few who do will for sure not have the time to monitor a network which does dozens or in the future even thousands of transactions per second.
This seems just humanly impossible, there's by no means sufficient human time available to manually monitor a P2P network's content if the said content is super boring and complex.
If it were a distributed social network you could expect people to e.g. manually flag spam because using a social network implies reading the posts contained in it.
But manually reviewing money which strangers send to each other is boring as hell, who will do this?
As far as I can tell, "nodes define their own trust relationships" is true only when considering the protocol at an abstract level, or if you're building the code yourself. As a concrete end user using the Signal client, you don't actually get to define your own trust relationships; the app is just hardcoded to trust a specific list of servers, albeit somewhat protected by SGX. Please correct me if I'm wrong.
In practice, sure you can. You have to be careful about getting it back into the normal banking system if you want to do that; but you aren't going to be raided by the secret service for handing someone 30k in a parking lot (something I have done before)
This coin is only traded on a single exchange, and cannot be bought with USD unless you do some really dodgy shit. Every time I think crypto might get interesting I try again and find it to be so shifty I immediately bounce again.
I think you can argue that payment privacy is not as paramount as message privacy and can be implemented with regular financial mechanisms. Or at least such option should be given if you are using your own cryptocurrency.
>>Those outputs contain the entire original supply of MobileCoin (250 million MOB)[1]
Is the entire supply of 250M MOB available for sale on FTX, or is only a restricted number of MOB tokens available for sale to UK residents? Is it fair to assume that the MobileCoin Foundation has no plans for an airdrop (unlike Stellar)?
A majority of the supply of MobileCoins is available for purchase at https://www.buymobilecoin.com. We have many plans for how to help users get coins but none that we are prepared to disclose today beyond the aforementioned website.
IMO Signal/Moxie "advises" this project, so to me this seems like their way of cashing out (I'm assuming they hold the majority of coins), given that Signal itself is a not-for-profit organization. At least that's what I'd do if I were Moxie.
There are 250 million units of mobilecoin, and majority of them are owned by the founders. Only 37.5 million have been distributed. With current price ($65), they're worth $14B already. This makes the project a scam and impossible for it to work as a reliable money that holds value. Bitcoin had no pre-mine and has been fairly distributed from the start.
On the other hand, these comments are only met with responses indicating that the source for that is an old whitepaper without any more information. While the person replying is the MobileCoin CEO. So they at least try to embellish the current situation in some way. Which doesn't tell me much good.
My question to Signal is: there are a lot of cryptocurrencies that already have significant traction - why not integrate with them rather than a brand new one that has to start from scratch building an infrastructure?
MobileCoin uses a fork of the Stellar Consensus Protocol, which is a consensus protocol that by design, relies on a small set of trusted third parties to establish consensus.
This does not give it highly credible censorship resistance, yet MobileCoin was chosen as the sole cryptocurrency that Signal is integrated with. Why?
No updates in the repo for over a year and no answers from the team. The whole crypto currency thing is also a red flag for me. Matrix seems to be the better option by now...
Just what are they trying to do? They are a non-profit which would make a money grab somewhat impractical. Are they worried they are going to get successfully forked or something?
Their unquestioned faith in Intel SGX is somewhat pathetic to be fair.
XMPP has issues on Android and iOS: the app needs to be running and connected to the server at all times to fetch new messages. iOS explicitly disallows this from what I understand, and on Android you are at the mercy of your OEM's battery optimizations unless you specifically keep the app running by pinning it or if the app has persistent notifications. Either way, not something that is easy to explain to normal users, meaning pain points arise very soon.
Matrix is a little more promising, but Element (at least on matrix.org servers) is slow, especially at scale.
Any chat app would have issues with battery optimizations. Solution is usually to use the mobile OS vendors push notification infrastructure. Work on that in XMPP started around 2015 and most popular clients and servers should have some support by now. It's tricky to make something nice while the platform is working against you tho, especially while those push notification systems use/d XMPP themselves.
This is either the mandela effect (I know for a fact that the server was stuck on "April 2020" for at least 6 months), or Signal intentionally hid development and then revealed it all when they realized it was bad PR.
I saw that not too long ago myself. Purely speculation here, but perhaps they opted not to publish any commits until they had a chance to have their MobileCoin implementation audited? Just wish they had been more forthcoming about why they were not pushing commits.
I mined my first btc on a laptop when that was thing. It was so hi tech when it was launched. It seems like it’s features are mostly gradual and around the edges.
MobileCoin looks fantastic! Seems to solve the major pain points of Bitcoin: fast transactions, low transaction fees, private and no massive environmental impact with mining. Any ETA on when this will come to the USA?
SGX is only used for an extra layer of privacy, beyond what any other currency offers. SGX is not used for the security of the currency. This criticism has been answered countless times.
Why does the FAQ 2. say i have to run consensus-service with intel SGX to participate with other validation nodes ? Doesn't that imply the consensus is dependent on SGX ?
”Running MobileCoin in an SGX enclave allows nodes to securely manage keys for users. A client can perform remote attestation to its MobileCoin node before transmitting its keys into the remote enclave along with a short recovery PIN. The MobileCoin node can then rate limit authenticated access to the keys, while the enclave prevents the node operator or anyone who compromises the node from circumventing the software and attempting to brute force access to the keys directly. In this way, user keys can reside safely in a node and survive across application reinstalls or lost devices, without having to trust the node operator or the security of the node computer, and without having to memorize or safely store extremely long recovery passphrases.”
> 5. Will I need to put my keys on a remote server to scan the blockchain for incoming transactions?
> Keys will never leave your mobile device. This is a challenging problem and we are very excited to share our solution when we release our mobile SDK software.
MobileCoin isn't the only fast privacy coin in town - particl has most of the same features if not more, including a private ebay-style marketplace which should be ready for prime time in just over a month (all being well). And you can buy it on US exchanges today.
The UI seems fairly unobtrusive, but I don't know if that's just because I have no contacts that can receive it so I'm not being shown some of it.
I also have no idea how to actually get Mobilecoin to play with. There's no built in way to buy it. They just give you an address you can send to from an exchange.
> Speaking solely as a person who is really into encrypted messaging, it terrifies me that they're going to take this really clean story of an encrypted messenger and mix it up with the nightmare of laws and regulations and vulnerability that is cryptocurrency.
Moreover, there are three other points I'd add:
1. I don't like "do everything" apps like WeChat or Line. One of Signals strengths was UX that focused on it's core competency. Early in Signal's development they would add privacy features. Lately they have been adding social features. This, however, feels especially out of left field and likely to hurt the UX.
2. This smells like dev resources will be spent building and maintaining something not related to messaging.
3. I've always had a "don't let perfect be the enemy of good" rationalization that gives Signal autonomy to grow a privacy centric messaging app despite the deficits (e.g lack of federation). In contrast, I personally associate "crypto" with "scam". There have been so many shady ICOs and pump-dump schemes around crypto. This will taint the product for those of us who don't think of crypto currency as being anything more than pump-and-dump schemes and a way to buy dab rigs online.