Hacker News new | past | comments | ask | show | jobs | submit login

Good Morning,

I am the CEO of MobileCoin.

A few points:

1) I started MobileCoin to fund Signal. That’s it. I believe that a world with a well-funded signal is a better place. In order for signal to compete in the 21st century with messaging apps around the world they need a payment story. MobileCoin is the only thing ever built that is both privacy protecting and fast that meets the standards of data retention signal requires.

2) MobileCoin Inc. intends to maintain an extreme minority of the coins once the dust settles.

3) This is designed to be used as a payment rail, which requires us getting coins in the hands of users. As you might imagine, navigating the regulatory waters of how to do that with compliance to how governments want us to behave is non-trivial. It’s important for us to move with correctness over speed.

4) this project is 4 years of my life building real technology. This is not a pump and dump scam. We have been very careful in the design, operation, and development of this system to give it the best chance at surviving in the world of cryptocurrency projects. It is non-trivial to deliver a coin that is useful for payments (the requirements are speed, privacy, low-energy footprint, and operation in resource-constrained mobile environments).

Let me put it simply, I love signal and we intentionally designed this currency to be as oblivious as possible with respect to user data so that signal could maintain their relationship with their users, one of retaining as little information as possible without compromising on the user experience. Nothing else in cryptocurrency, or payments, comes close to the level of privacy and performance that MobileCoin has achieved.

I welcome any questions I am able to answer. Note that some questions revolve around tightly regulated areas of concern and may take longer to answer as I must check with outside counsel before replying.






2) MobileCoin Inc. intends to maintain an extreme minority of the coins once the dust settles.

a.k.a. we intend to sell all of our vast stacks of pre-mined coins onto gullible users. This is exactly how a pump and dump scam works.


To be clear, we want to get the coins into the hands of users so they can buy things with them. Doing so in a legally compliant fashion is non-trivial. Looking at what happened with key base and stellar, a simple airdrop to users of the system doesn’t necessarily result in utilization or economic development.

There are multiple different things to consider here: 1) regulatory, 2) economic system design, 3) usability, and 4) user-first commerce.

In short, it’s much more important for us to be correct than it is to move quickly. When all is said and done, users of MobileCoin will have obtained coins many ways: through giveaways, sales, and commerce activities. Making sure we do these things correctly is the only way the ecosystem will be able to operate long term.


This isn't addressing the parent comment at all. Does the trust plan to market dump coins on their users?

I'm not sure what you mean by dump. MobileCoin plans to reinvest coin proceeds into the ecosystem to help foster economic development. We also plan to give away coins once we figure out how to do so in a regulatory-compliant fashion.

MobileCoin also needs some amount of money to operate, some of which will come from the sale of coins, but our balance sheet of coins is quite limited. We would prefer to minimize those sales as much as possible.

Does that answer your question?


I think you need to lay out the plans much more concretely and have a proper plan for transparency.

The crypto world is full of scams and misinformation. Technical people are unlikely to trust the coin if transparency and oversight stay so vague.

Scanning through this discussion, quite a few red flags have been raised by users. I assume your intentions are good at the outset. But when the money comes rolling in, even the most pure plans can be corrupted.


> I'm not sure what you mean by dump.

Sell your token at overinflated prices (in a similar way as other ICO scams) and funnel money into pockets of whoever is running this specific scam, with some minor amounts put toward claimed goals.


This is hard because we don't have any control over the price of the coin whatsoever :(. We don't sign any listing agreements or do market making or pay exchanges anything to list. We literally haven't done anything except publish the code and make the coin available to the public.

Thank you for helping me to understand what you're looking for; we will go back to our counsel and ask them for more advice with this in mind.


All of your answers are so obviously not answering directly. You were simply asked if you would be selling the coins to retail investors on exchanges and gave a bunch of blabber when the answer is clearly yes.

Form your post above RE selling coins at inflated prices to the public, you said “This is hard because we don’t control the price” Umm, you could give away the coins. You claimed that Stellar gave away coins but the coins didn’t end up being used by end users. How does selling the coins at hyper-inflated prices to end-users change this? Why will they use the coins if they are sold them vs given they?

It would be great to know the timing, amounts and prices of coins that have been sold to either investors or the public.

Your reputation and Signals are hanging on a thread here. We’d all appreciate some transparency.

How many coins will Mobilecoin sell and over what time period? You and Mobilecoin currently control about 212.5M coins which is $8.5 Billion created out of thin air. The price was recently inflated with a suspiciously perfect timed short squeeze, likely orchestrated by one of your investors looking to pump their bags.


You mentioned exchanges own ~50% of the mobilecoin supply, how did they come to posses that amount of coins? Did you give them away for free? Or did they pay some price for each of the coins they have? If it's the latter can you disclose at what price you sold the coins for? This would give mobilecoin users a good baseline price for what the creators of the coin believe it's worth. Thank you.

> In order for signal to compete in the 21st century with messaging apps around the world they need a payment story.

What is a "payment story" and why do messaging apps need it? Signal should be secure SMS with a better UI, nothing more.


I'm pretty sure that's just a buzzword for "revenue model", which is to say a plan for how it will make money. The charitable interpretation in this case would be "how to keep devs on the job and not homeless", and the uncharitable case would be "how to make Moxie Marlinspike and his buddies obscenely rich".

It looks to me like either there's a lot of selling out going on here or there's a lot of great examples of how not to market a good thing to reasonable, aware, suspicious people (which is, in short, pretty much the core market demographic of privacy software users).

As for me, I'm starting to wonder whether Session is much better than Signal, and I think that if you want privacy in a cryptocurrency you're probably better off with Monero.


I love the dichotomy 'working vs homeless'. It's a sad state of a country if being jobless implies homeless. Also, I don't think someone working for a SV company can't just move somewhere cheaper and reduce spending until the next gig.

I don't understand this either. Does Signal need to compete with streaming services like Netflix next? What about Steam? I didn't choose Signal as a platform, I chose it because it is (supposedly) a secure and privacy focused messenger app.

I guess there are some users who expect something in this vein after seeing it in whatsapp or imessage? Still, bundling some unstable opaque cryptocurrency to it instead of just normal money seems a bit disingenuous.

Or they want to become WeChat.


I believe many apps are currently implementing this.

What financial interest does Moxie have in MobileCoin Inc, MobileCoin TS Ltd or any connected business? Does he stand to gain from the success of MobileCoin?

You could have avoided most of the criticisms if you had a clear explanation of why you pre-mined. Saying that you intend to sell it is not as reassuring as you seem to think it is.


The pre-mine has to do with using stellar consensus protocol. Basically if you don't have staking or mining (which I personally believe are detrimental to the longevity of these networks) then you end up with a pre-mine. Essentially all of the game theoretical systems for rewarding operations of the network pit the interests of the miners/stakers against the interests of the users of the network.

Again, why do avoid answering the question? When you avoid answering the question, it comes off as more and more sleazy.

I'll take from the fact you dodged the question that Moxie does indeed have a financial interest

Is it a stable coin? Users want to send real money; MOB is just temporary inconvenience necessary for digitalization. Do you guaranter that users can get out the same £ they put in (minus a clearly disclosed fee, within a reasonable time frame of days to weeks)?

If not, it's useless. I'm a chat app user, not a Forex trader.


This is not a stablecoin. MobileCoin has plans around stablecoins in short order that will allow users to transparently get back to stability on their transactions, but those aren't available on day 1.

What percentage of the coins does MobileCoin and its founders/early investors currently hold?

Seems your early investors certainly have a large chunk https://threader.app/thread/1335948142022311936


MobileCoin has made over 50% of the coins available for purchase. We are currently figuring out how to give away coins while remaining regulatory compliant.

That does not answer the question. You answered the question of "how many coins do you intend to sell" not "how many coins do you currently hold." Based on your answer I can only assume that you hold >50% of the coins and intend to sell 50% of them in the near future.

Kinda seems like the sort of thing you would have figured out ahead of time...

Unfortunately cryptocurrency regulations are anything but clear and obvious. This is a new frontier and operating with an abundance of caution is of paramount importance. We respect the hard work all of the regulators are doing trying to figure out this new world.

We're all doing our best to work within the constraints.


Yeah but like, what if you find out that you can't distribute the remaining coins in a compliant way? Wouldn't that be something that should have been determined before all the work to integrate with Signal was done? It just feels like if that were a true priority, it wouldn't be in the "implement first, figure the rest out later" category. Even if it's a complicated question.

I can assure you that we have the best minds in the regulatory and legal worlds thinking about this and there just isn't a lot of regulatory clarity. If you had told me that 4 years after I started MobileCoin we still wouldn't have guidelines on how to issue a cryptocurrency in the US I would've told you that you were insane, yet here we are. This isn't to point fingers at the regulators, I really think they have a humongous task before them; regulating cryptocurrency is the institutional challenge of a lifetime.

We want to make sure we operate out of an abundance of caution. Correctness is more important than speed.


I'll ask again: Why are you geoblocking US based users from the sales page you linked previously?

Out of an abundance of caution and advice from our counsel. The regulatory landscape in the United States is complicated. It is hard to predict what is and what is not ok. We tend to be far more conservative than other players in the space.

I find it strange that you bundle your currency ecosystem into a product that is widely used in the US and you haven't ironed out how to sell it directly to them. Also, it's a strange choice geoblocking the traffic rather than serving a static lander explaining the issues. This entire situation is rife with strange choices.

I see risk exposure increasing greatly across the board, for Signal operations, users, and everyone involved from your side due to this merging of services.


Translation of GP: “What we're doing has been illegal in the US for decades.”

1) I started MobileCoin to fund Signal. That’s it. I believe that a world with a well-funded signal is a better place. In order for signal to compete in the 21st century with messaging apps around the world they need a payment story.

So I think that's the base of what people are upset with. Signal suddenly essentially became a for-profit (it decided to prop up a for-profit company which would in turn fund it as a revenue model). Now a lot of people that donated to and promoted what they considered to be a non-profit project feel cheated.


So instead of contributing to the Monero project to improve the space for everyone, you decide to fragment the privacy coin space instead with a sketchy premined coin.

From some of the discussions I've seen, it looks like part of the MobileCoin strategy is to shit-talk Monero as a way to build hype for MobileCoin, and claim all prior art came directly from CryptoNote while ignoring the fact it's implementing stuff pioneered in implementation by Monero. I've seen some pretty friendly discussion history with Monero in the first days of the nascent MobileCoin project turn into MobileCoin people being absolutely, obnoxiously awful later on.

If there's some way this can be explained away by MobileCoin people, I think it'll make a great story, because there seems to be a lot of stuff there that doesn't look explainable.


You...don't believe in new coins, innovation on features, or marketplace competition?

Network effect and perceived legitimacy is critical. Splitting that is obviously suboptimal, especially when privacy depends on having a large number of users to blend in with. There isn't a single cryptocurrency in the top 20 by marketcap that isn't mass-surveillance-friendly

I think it’s pretty clear mobilecoin coin never be added to monero

Why not use the Bitcoin Lightning Network? It allows faster transactions then MobileCoin and much better privacy than on-chain Bitcoin. Privacy doesn't match Monero, but will undoubtedly improve over time.

Clearly this would prevent the "get rich from pre-mine" benefit, but also remove 99% of the criticisms related to greed, centralization, geographic limitations, etc.

I don't see how MobileCoin can be censorship-resistant, neutral or permissionless in the long run. Are those goals of the project?


Bitcoin isn't private or suitable for peer-to-peer transactions since it has tainted coins.

Why another altcoin and not simply ETH or BTC? You state privacy and performance: could you be more specific?

A few things:

1) tx settlement time is ~3 seconds on mobilecoin, p99 latency right now with single block finality. Eth and Btc are great but they aren’t that fast (for payments speed really matters).

2) with respect to privacy, the key innovation of MobileCoin is that when all of the systems are operational, there is no transaction graph stored in the ledger. The links between transactions are known only to the counter parties to those transactions. In the event of a failure of the Secure Enclave, links between transactions degrade to probabilistic links between transactions (and forward secrecy can be restored upon recovery of the enclave).

The effect is a payment system that is both fast and privacy-protecting with no central authority, a quality not present in any other payments system I am aware of today.

Does that answer your question?

Oh, last and perhaps most important, because of our consensus design, we don’t use a ton of energy like btc and eth.


I have not yet read in detail how you use SGX. But setting up SGX requires complicated processes and signing contracts and other paperwork with Intel. (Correct me if this is wrong.)

Given that setting up the "systems" requires a huge effort, I assume that the architecture assumes a single central entity is running all these core systems, right? If yes, does the system rely on these core components to be up? If yes, how does it not rely on a central authority?

Another aspect I don't yet understand: Traditional cryptocurrencies solve the distributed consensus problem through mechanisms like proof-of-work or proof-of-stake. What does MobileCoin use as a consensus mechanism?


https://github.com/UkoeHB/Mechanics-of-MobileCoin/blob/maste... << This document has an extensive explanation of the consensus mechanisms and the attestation/enclave mechanisms in their respective chapters.

Have other existing privacy cryptocurrencies been considered?

Grin is a lightweight privacy cryptocurrency using MimbleWimble. It uses a fair distribution (no pre-mine), with an emission of 1 GRIN per second:

https://grin.mw/


Yes the problem with Grin is that it allows perfect input/output linkage (see: https://github.com/mimblewimble/docs/wiki/Grin-Privacy-Prime... under information leakage).

Grin also doesn't meet our standard of <5 second blocktime.


Why not use an existing currency which solves the problems you highlight, like Nano?

Nano doesn’t solve privacy to the degree we were excited about. Again, fast + privacy protecting is really hard to achieve, particularly if you care about fast tx recovery on a mobile device.

If you actually cared about privacy, you'd have just used Monero, and saved yourself 4 years effort building YAS (Yet Another Shitcoin).

And no, speed is not the most important. As long as the user can see the payment incoming, it's trivial UX to say "Payment received. Will be confirmed and available for use in 3 minutes."

edit: it appears MobileCoin is (allegedly) built on a combination of XMR + the Stellar consensus protocol? If true that's a slightly better scenario than I previously thought


Monero isn't fast enough and doesn't support transaction recovery (it also has probabilistic linkage which MobileCoin doesn't due to our use of secure enclaves). We spent almost 18 months building MobileCoin Fog to solve the second problem (https://github.com/mobilecoinfoundation/fog). It's a non-trivial stack of code to allow users to recover strings from servers they don't control without the operators of those servers being able to learn what strings are being recovered.

Don't get me wrong, we stand on the shoulders of giants, but there's a lot of new tech here.


Why can't I find details about your node partner vetting process and what the requirements are to be considered a partner to run a node?

We don't vet node operators. Node operators each individually choose who to peer with in a liquid democracy. Anyone can peer with anyone else; consensus is an emergent property of the graph.

Okay, so do the current node operators publish their peering requirements?

Given your description it sounds like governance is whatever the MobileCoin foundation and its partners dictates. Unlike the consensus in this thread I think there's a lot to like and explore for a privacy token that chooses a different set of tradeoffs but the opaque governance, token holder distribution/circulating supply and lack of acknowledgement to the Monero project really sets it back.


The MobileCoin Foundation only publishes software, the nodes decide whether they want to run that software or not. Ultimately all of the nodes can run whatever code they want and call it MobileCoin if they can agree upon it.

The governance is actually quite simple: a set of decentralized nodes individually choose what software to run and who to peer with. Consensus is an emergent property of that trust graph.


What do you do differently from Stellar or Ripple at the consensus layer which both started out with similar ideas, but quickly found that their validators fall apart due to the strongly-connected validator set requirement not being met? In other words, how do you avoid the exact same fate that both Stellar and Ripple ran into in their consensus models when they also tried to let "node individually choose"?

Consider asking this on their community forum to get more eyes on it: https://community.mobilecoin.foundation

Sounds like “proof of authority” which is often used for testnets, where reliability is far more important than decentralization.

> In order for signal to compete in the 21st century with messaging apps around the world they need a payment story.

No, it does not.

There are two distinct groups of people using Signal. None of these groups needs MobileCoin-based payments.

Group one is probably the biggest and consists of "normal" users which use Signal because it's the free messenger that is NOT affiliated to Facebook and has a good reputation with regard to privacy and data protection. There's another messenger with similarly good reputation, Threema, but that one costs money, hence Signal is the more popular choice. These users may indeed find a simple payment solution through their messenger a useful feature, but they want to send each other "money", not "MobileCoins". Those are not interchangeable for this kind of user; they expect to send whatever is their local currency, USD or EUR or whatever, and they expect the entirety of the money they send to arrive at the target - having 20% crypto market swings within minutes eradicate 20% of their share of last week's restaurant check while they're transferring it to their friend is a non-starter for this group. So are exchange fees for USD-MOB/EUR-MOB exchanges before and after sending money, even if the exchange execution itself may be automatically run in the background. This is true especially since there are already well-known and established solutions out there specifically targeting this particular need - PayPal Friends and the Cash App for example. Sure, it would be nice to have messenger integration, but if the only way to get that is to transact in MOB instead of USD and always send 10% more value than you intend to pay just to ensure the receiver gets "enough", the established out-of-band solutions which don't have those problems will simply be used. Also, this group doesn't really have strict anonymity requirements, because they usually send money (and messages) to people they know in real life as well. Whether your awesome crypto coin is more anonymous than PayPal thus doesn't matter at all for these guys.

Group two consists of those that actually depend on Signal's security, privacy and anonymity features because they need exactly that in a messenger. Think whistleblowers, journalists, people doing stuff that's illegal where they live. A lot of these want to send information to their contacts, not monetary value, and don't have any use for a payment option in a messenger. And even those that do want to transfer monetary value won't exactly be enticed by a one-click crypto transfer feature in their secure messenger, since they can be assumed to be technically competent enough to utilize the already-existing cryptocurrencies (especially those with a much longer history of privacy protection, such as Monero) and crypto exchanges to perform whatever monetary exchange they want to do. I would even say that these people would explicitly NOT want to use a messenger-integrated cryptocurrency, because that limits them in their choice of cryptocurrency and fiat on/off-ramps, which are crucial decisions to be made carefully if you want to preserve your anonymity. And the entire idea that these guys would switch from Signal to WeChat just because "WeChat has a money sending function" is blatantly absurd.

I do not see any sufficiently large group of people that might get any value out of this MobileCoin-Signal-integration feature. Hence I predict this feature to ultimately fail due to lack of user interest. But that will only become clear AFTER a lot of good-will from tech- and privacy-minded people has been burnt by this unnecessary stunt, as can be seen for example here in the HN comments.


Hi,Josh: If MOb can be used by Signal user, there must be a stablecoins. You said your team has plans around stablecoins in short order, can you tell the relationship between mob and stablecoins ?

Can you talk about scaling issues. What are your projections for the size of the MobileCoin blockchain, assuming it is successful and people want to do >1000 transactions/second.

We've tested MobileCoin at ~100 transactions per second right now using low core count boxes. We suspect we can scale to 10,000/second on the existing tech stack by throwing bigger boxes at it AND doing some performance tuning. SCP has been shown to hit very large tx/s numbers so it's just a matter of tweaking it until we get those numbers out. 100 tx/s is more than adequate for quite some time for our use case.

I was thinking more along the lines of storage requirements. How much space would be consumed on a full node by a network running at constant 1000 tx/sec?

We designed it to scale to 1B users. I can grab someone from eng to give the exact numbers but it'll be a long time before we have issues with storage.

I'm pointing to the foundational problem that led to the Big vs Small block debate in the context of Bitcoin and which is the argument for second layer networks.

Presumably you've come across this question in your four years of development and would have exact numbers (perhaps not for my chosen value of tx/sec) already at hand. The fact that we're three comments deep into this, leads me to believe you are dancing around the question.


There’s no dancing going on. He said he doesn’t know the exact numbers but is asking the engineers to dig it up for you. Please don’t be rude and please don’t put words in other people’s mouth.

As I say, this is a foundational issue that every blockchain project should address. Before I asked my initial question, I searched the documentation to see if it had been addressed. Such answers might be a second layer story, or some form of transaction aggregation on the base layer blockchain. I could not find anything that obviously looked like that.

At this point I think it's perfectly fair to start with the assumption that a new Crypto is a scam and it needs to do the legwork to show that it isn't. To claim that a blockchain (the most ludicrously inefficient data-structure ever devised) can scale to a billion users is an outrageous claim. The technical means they found overcome this problem should be front and center in their documentation.


I am going to do an AMA over at r/signal on Tuesday at 10am; please save questions for over there as I have to get back to work. I'll say this: the punchline here, as I'm sure you're aware, is that there are limitations to layer 1 scaling. We haven't discovered those limits at MobileCoin, but they surely exist.

The question becomes: what is tx throughput at N billion users? What are the scaling strategies that will get us there? It is zk-rollups (or zk-zk rollups)? Is it sharding? Is it moving to custom hardware circuits? I suspect it will be some combination of all of the above.

We don't know what the answer is yet and we will devote tremendous resources to figuring it out. I don't want to give the impression that MobileCoin as it is written today will scale to Alipay levels of tx throughput, but I do believe there is a path to get there that requires a ton of work.

Does that answer your question?


It answers it, in the sense that it acknowledges that the question remains to be answered.

Grin can be used in signal,whatsapp,telegram,email, carrier pigeon, paper note..

Your privacy belongs to Signal which stores your data,MOB is a centralized,premine ,hidden ico.

Convince me.


''This is not a pump and dump scam''(!). We have been very careful in the design, operation, and development of this system

MobileCoin Inc....


Are there any considerations using signal as an identity verification platform for other services?

I can’t speak for signal but I don’t expect them to ever scan a driver’s license or passport.

I meant an anonymous identity system linked to blockchain technology.

Do you have a design proposal for such a system?

No, but: https://democracy.earth uses a couple of systems to connect to it (https://fortmatic.com,https://www.portis.io, https://walletconnect.org) - I don't know why they ditched https://metamask.io.

Overall the adoption of these systems is too difficult. Something that could be overcome with signal/mobilecoin.

Democracy earth is just an example application. Overall I would appreciate to own my data and have it secure (like signal provides), when it comes to the whole ecosystem of the future for: social media, voting, contracts, etc.


>2) MobileCoin Inc. intends to maintain an extreme minority of the coins once the dust settles.

In other words, cha-ching! then what?


Then we build services for users to help them use MobileCoin for commerce. The goal is to make a real decentralized payments network.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: