Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: mikepasts on July 28, 2015, 05:35:39 PM

Title: OpenBazaar store name registration
Post by: mikepasts on July 28, 2015, 05:35:39 PM
After reading the preceding post on reddit Im concerned OpenBazaar is been compromise:

Like most people here I been anticipating the launch of OpenBazaar. On a recent post about the project a small detail got my attention, it uncover the fact that the project has been compromised by the same corporations we are trying to replace. taken from:
Union Square Ventures:
OneName and OB1 (dev team behind OpenBazaar) Also ETSY: "online marketplace for products sold by artisanal businesses"

The OneName & OpenBazaar connection:
When you create a store in OpenBazaar you are given a string of characters that represent your store on the network, This long string is obviously not memorable or marketable, so you need to get an store name that resolves into the string. Similar to a Domain, resolving into an IP.

Users signing up for an OpenBazaar store are directed to create an account with OneName, an startup that got funding from Union Square. Open Bazaar also got an investment from them, which is great, until you realise that unless you are Nakamoto, there is no free lunch.

We all know that when you don't pay for a product, you are the product. Please ask OneName what is their business model, how do they make money?

OneName provides a web API that resolves OpenBazar store names, you post a user store ID to them, and they reply with the data that OpenBaazar needs in order to locate and display the store. If you request the CoolToys store, you request is submitted to the OneName web API, which answers with the correct string that represents the store. The OpenBazaar client receives this and shows you the store. Basically a centralised OpenBazaar DNS. Goodbye privacy.

Turns out that when Namecoin was created; 2 sections on it where definen as standard. The /d section for Domains , and the /id section for IDs.
Obviously the idea behind the Namecoin IDs, is that everyone can use the same section and avoid collisions. That way there will be an open source unique blockchain where you can own your identity credentials. Every service could then use this ID location, so you will never need to register again for an internet service.

OneName came to light mid 2014, and avoided using the already existent /ID section (which be the time already had registers) and instead create their own section inside Namecoin; the /u and /i sections or "Namespaces". When you register at the OneName website an entry is created in Namecoin /u and /i . If you ask them why did they not use the /ID namespace (as expected by anyone writing ID data on Namecoin), they say is because they did not have enough space to store all their data. They solve this by using 2 namespaces instead of one. How clever!

They needed the extra space to list ALL your social networks? they could have done exactly the same inside /ID.
The real reason to create a new namespace was so that they can control and register the names to all stores. I found this last night after waiting for the Namecoin blockchain to sync, tried to register some names at the newly created non-standard /u namespace. Every single good store name is taken!

"Option #2 (NAMECOIN) is for developers who want to register directly on the blockchain manually" Developers only?
OneName will force you into OpenBazaar using their API, so that they can restrict you to the /U namespace that they fully control. It wont work with the Namecoin standard /ID namespace! Hello aftermarket for OpenBazaar names!

Before Capital Ventures funded OpenBazaar, the plan was to go with Namecoin /ID standard as referenced here: OneName got away with it even after the same OpenBazaar devs pointed the reason why the standard /id namespace was the right choice.
So what is the alternative?

Any Namecoin blockexplorer could easily answer requests to resolve the /ID Namespace. (Is the current OneName web api derived from an open source block explorer?).
Why put all the trust on OneName untested protocol, while we have the alternative of using multiple available Namecoin explorers? Maybe users can select one that they trust, just as we do with DNS now.
Namecoin SPV could soon resolve this without the need of centralised servers, while is not ready just yet, there is an ongoing effort to have it ready soon. Data will then be safe on a well proven blockchain that was even part of Satoshi work.

If we do not do this we have a great risk. OpenBazaar being the first major user of crypto based IDs will make OneName successful on hijacking the Namecoin /ID namespace. The rogue namespace will have enough traction to become the standard; they will not only control the <user IDs> but also the <store name IDs>, and associated web of trust. (Do u/gavinandresen, u/vbuterin and Jeff Garzik really endorse them, or are their images been abused?)

Yet another reason to re-consider OneName is that they have stated that they are blockchain agnostic, and been discussing moving away from Namecoin (read if they are not successful hijacking the /ID namespace they will move). That will also mean that they will move YOUR ID DATA at THEIR convenience. How will data from people for which private keys do not control, be moved? See OneName's Blockstore project.
Finally, If OpenBazaar is as successful as we all want it to be, the hijacking of Namecoin will not only affect OpenBazaar but will affect all Bitcoin users. If a network effect is created around the OneName rogue names and resolvers, you will soon depend on them too.

Dear OpenBazaar Devs, everyone appreciates the hard work you are putting into this project. The implications of your work go beyond creating a new market. Please realise that OneName's /U is a trap. Reconsider your OneName affiliation and remain true to the idea of creating a free and decentralised market that is independent of the interest of corporations. Letting OneName and affiliated corporations, set the rules to resolve and control the names of stores and users in a rogue namespace with a constantly changing untested protocol does not stand by the open free market goals; have strong implication on the Bitcoin ecosystem, and will ultimate result in a OpenBazaar fork.

Att. Unhappy Ebay & ETSY user.
Edit1: Please review this: