Xephan:
To imply that I want to be the "controller/arbiter of trust" because I want complete control over my system is totally false.
For one, how could I be the controller/arbiter of trust if I'm not the one who does all the ratings?

At this point I've gotten all the input I need.
Thanks for everyone who responded to this thread.

Sgt:
I see what you are getting at and you have a valid concern but you must also think about the difficulty involved with engineering such an attack and everything that it entails.
(they can't easily identify people to socially engineer or hack to find if they have a high rating or not)
I would say, SURE your attack idea could be done IF thousands of IDs were specially engineered, BUT getting even 1 ID to be specially engineered would be difficult. Now add to that they would need to not only maintain the engineered one and get it to maturity but they would need to do the same for other new IDs. The only plausible way I can see is if their whole engineered group of IDs was connected through 1 or 2 roots. The problem there (for them) is that their whole group would get wild swings (downward) when the root(s) got adjusted by their non-engineered parents.
If you were sitting here at my computer I could show you examples and you would fully understand at that point. I have 60,000 data records in the original project that is 20 years old and 29 million records in the latest one, about 1TB of data.
You bring up good points and that is what I'm looking for and I'll be testing them if and when I work out the brick wall of formula problems I got right now.


thechev:
Yes it sounds like that. I'm assuming you are talking about the example I gave. The algo doesn't work like that.
I failed to mention that I was inferring a "like" tendency that people would be attributing to a user instead of "trust" which is what they would be supposed to do.
I guess it was a bad example but you can still see that adding ratings is not a good idea unless one wants to see a sort of "cumulative" trust over time.
What I am proposing is more of a rating that indicates the most to least trustworthy over a total population.
The question then remains, would you rather see cumulative trust over time or how someone fits into the total population on the attribute of trust?

Sgt:
I was speaking in terms of Anon attempting to get a high rating and assuming that would be their point so as to rate others higher or to rate others lower both maliciously.
When you say "bunch of members ganging up on.." you are thinking a bunch as in millions?
That is what it would take and those millions would need sufficient ratings to cause any good or bad effect.
I understand you think it could be abused some how but so far any abuse scenario you mention wouldn't work.
I personally know it wouldn't because on the other 2 applications of the algo (although totally different applications) I've seen roughly what could be translated into an abuse scenario(s) and it/they were are handled without issue.
If I took the otc wot database and ran it against the algo I could illustrate this and we would see good ole Mr. Stamp get stamped.
I had a look at the list yesterday and it looks like there is less than 1000 users.
That's pretty small and not quite fully functional for this but the algo would for the most part put F00dSt4mp much lower than he was at least.
As I said earlier, a large "web" wouldn't have any such problems.

I've delved more into the formulas to port over to the trust application and I'm hitting a brick wall on 3 of the most important parts so the whole thing might be a non-starter unless I'm able to get my head out of my ass on those. I had the same issue on the 2nd port of it and it took me 3 months to figure it out.
This one however adds a couple of funny twists that really aren't too funny.The basis function for 1 and I won't get into the other one.


thechev:

My whole post was about a trust system in general and not related to bitcoin.
As for celebrities, think about it. There would be numerous celebs being rated highly by millions and their rating would be added and added and added. That's not good. So a music star gets a 5 million rating and that puts them in the top 0.1% of people in the world for trustworthiness.
A cumulative rating system would be fundamentally flawed because as I a mentioned above plus other highly trustworthy people who only have 10 ratings would never even show up as being trustworthy.

Good to know thanks

Wow I'm stunned.
Prior art pRior aRt pr1oR arT!

Judging from the way he talks it would appear that guy would seriously benefit from some old fashioned gene pool elimination therapy.
You know, like the application of leeches etc..

If miners were allowed to reject blocks in any sort of way it would undermine the entire system because it would allow some chance that a block would not be processed and the whole chain would grind to a halt.
The bigger question is how the fee schedule will scale in the future, far future actually.

It seems this whole "centralized" vs "decentralized" thing is being misunderstood and somehow tied to the p2p nature of bitcoin.
My system needs a potentially massive database that needs a large number of queries to be done for calculations to take place in as short a time as possible.
"decentralizing" the database as in any sort of p2p would make that utterly and totally impossible.
You are also blurring the concept or paradigm of WoT with the reference to PGP keys as a Certificate Auth vs a Trust Authority.
A Cert Auth simply verifies the auth of the ID and has nothing to do with any history of ratings associated with that ID.
Also the Cert Auth is "centralized" but my DB should not be?
A PKI Cert Auth for an ID is a totally good idea and it's at the top of my list for ideas of how to auth ID's and prevent ID hijacking.
There are more details that will need to be worked out and with the help of a Steering Committee which has yet to be assembled.

The existing WoT system(s) [I know of only 1] have proven at least to be somewhat effective but they (it) is and has been open to hacking which was illustrated in the link in my first post.
The Bitcoin OTC WoT is really cool but if you examine it you will see that it is hackable and ratings can accumulate which basically throws off the usability of the rating.
If for example celebrities were in WoT with the current rating system (not bitcoin realated WoT, I'm talking a sort of universal WoT) then you would see ratings of a million.
Obviously a rating of a million one would expect to be ridiculously trustworthy which clearly wouldn't be accurate.
This wouldn't happen in my system.

Mad-sciency?
Not sure if that was a compliment or not.

trent:
No you are totally correct.
The physical system would have to be very robust and would need to be engineered from the beginning to work as you described in addition to being scalable.
Clusters come to mind as does RAID60 and multi-homed backbone.
As for business/entity, true as well.

trent:
There would be a standard rating scale/system that people would need to familiarize themselves with and they would need to understand that the system runs on IT and not on their own rating system. They would make their own judgments about how someone should be rated but within the guidelines of the rating system. They would be encouraged to rate accurately and be given info about how consistently inaccurate ratings could affect them.
The assumption is that "generally" people would be "generally" accurate and that is all that is needed.
If "generally" people were NOT "generally" accurate then the system simply would not work as intended but it would still put things in the right direction.

Thanks for the whitelist!

Sgt:
I'm typing as fast as I can and I get new ones.
Yes Anon could do that but you must remember that if Joe Schmo is not really a bad person then he will still be rated highly by others, also Anon would probably not have a high rating, how could they? So their attacks would be coming from low to mid rated users as a whole. Anon could not be expected to maintain any sort of high ratings, who would rate them highly? They themselves could but that doesn't mean anything because they are only a small small part of the web.

Sgt:
You could make as many ID's as you want but none of them could rate anything because none of them have been rated by a web connected user.
Even if I dropped that requirement and they crafted a few super high rated ID's they would immediately get adjusted as soon as they got connected to the web, probably by a handful is all that would be needed.
After that their whole effort would be toast and any user could see they were "newbies" to begin with.
There is NO manipulation possible once they have robust connections to the web. It's all a done deal then.
I'm sure lulz or anon will try but I'll be giggling.
Important to note here: user security is important! If lulz or anon were to hijack hundreds of high rated ID's due to LaxSec on the user side then it could cause a problem.
It would be much simpler for them to steal bitcoin wallets or hack emails than it would be to locate hundreds of high rated ID's so consider that since ID's have no info on them.

Your subweb ideas: This is why I would require web connect before outgoing ratings could be made. Subwebs bad. I could however allow subwebs and users would just need to look at the "web connections:" stat to see if they are out in la la land or not. La La Land ratings do not compare to Web Ratings.

trentzb:
There is no possible way to do hundreds of SQL queries quickly unless the DB is on 1 fast machine or fast system.
To calculate the thing with data all over the place would be impossible.
There are thousands of examples of central DB systems running critical systems and they have architectures for security/redundancy/backup etc.
Your assertion shoots all of them down, including Google, Amazon (not their cloud BS), and the IRS.
Human nature, yes absolutely you are correct.
The bottom line with that is that not everyone is bi-polar or similar all the time, in fact on average the population is generally stable and generally makes the right observations.
Because abnormal or anomalous behavior is not the norm this system is able to put everything where "general" is and handle those abnormalities.
I know the system is foolproof as I have described because of it's current use in systems that are HIGHLY anomalous but have a general normality to them.
It handles them very well.

Think of it this way: Let's consider this example...
All people in the world are in the web, like 6 billion people.
There is a mathematical link between Hyunmo Chen in Korea and Billybob Smith in Kentucky and their ratings can be 100% directly compared.
Good people through more and more ratings show themselves as being good and they end up in the upper part of the ratings range.
The same for bad people going to the bottom.
What I was trying to explain in the last post was that people need to rate people as they SHOULD be rated or they will face a "pull" on their own rating.
In other words, knowingly (and consistently) rating a bad person good will have some sort of negative affect on your rating for some period of time.
Doing it once would be negligible.
There is no discouraging for any sort of feedback as long as it is accurate.
If any 1 rating was accurate for it's action but was not indicative of a person generally it's ok too. The system takes it all into account.
Once one understands the dynamics it basically forces people to not only act correctly but also to rate people correctly, whatever "correct" rating is warranted.
A great example of where people don't rate correctly AT ALL is where men consistently rate ugly women with large breasts a 10. We know there are VERY few real 10's in the world yet guys would make you think there are 100 million. Hope that is not offensive, didn't mean to be. It is a real example.

Sgt:
Consider the system is structured in a way to prevent scam/hack attempts for ratings and it's geared towards the world in general and anything related to trust, not just bitcoin WoT.
"web" connections I am referring to are the "web of trust" and any person "entity/object" must have a direct connection to the complete web by being rated by someone who is in the web.
This is necessary to prevent "sub webs" from being created, by hackers or even valid groups who are not connected.
"sub webs" would make ratings that are not comparable to other "sub webs".
The downside is this demands that a "seed web" is started among original trusted (or not trusted of course) people and those people would then be able to invite people into the web by rating them.
Anyone good or bad can join the web. They just need to be rated.
Sure, if their initiating rater gives them a good rating just to get them in it's ok. They will show 1 rating and 1 web connection which should be seen as not yet mature.
Of course their initiating rater is foolish to rate a bad person good then their rating will suffer as soon as the bad person acts as himself (bad) and gets bad ratings so the whole thing takes care of itself in short order.

Good points, let me try to explain:
Yes of course if LOTS of people rate down someone (with my algo) then his rating will go down BUT it will only stay down if he is in fact bad and continually gets rated down normally.
In other words, it would take lots of people who are rated high (not just the same people over and over because it won't accumulate that way) consistently to do any damage.
Like I said before, cream rises to the top etc..
In a small "universe" then yes there can be manipulations much more easily but even then, assuming the person being rated down is in fact a good person, then what you would see would be large movements in his rating AND you would see the same in the bad people who were attacking him.
It's difficult to explain any better than that.
As for multiple accounts, sure they could absolutely, the problem with them doing that is they would always be starting over and their "web" connections would show none or few (which shows an immature ID and possible hacker) and they would have a very difficult task of re-engineering a high rating again which would be nearly impossible from any 1 starting point.
I carefully engineered the algo with hacking in mind and I fully expect hackers to try but it's already taken care of.
This is ALL assuming that I'm dealing with a large user base.
If it's attacked in the bootstrap phase then yeah it's a problem.
I'm not sure of the timeframe that this will be actually "opened for business" as I'm still pushing through the analysis BS with the other application of this.
I took a 3 month break from that one because it's a TON of work.
It was a mindbender to port it over to that  but I'll skip the details.
It's another completely different mindbender for Trust but I managed to figure it out except for a few other things.

Stephen:
Yes it is possible for someone to rate someone else they don't know but they would need that person's ID code.
I envision ID codes to be freely available but the exact mechanism I haven't yet figured out.

Multiple identities are spotted simply by observing that an ID has few web connections (or none)(this quantity would be shown) and that the ID generally is not mature.
I have figured out that ID's cannot rate others until they are connected to the web (by others rating them) of at least 2, maybe more.
This would prevent a hacker group from creating their own web and jacking up ratings on some.
They would all show ZERO web connections and a legit user would see that.
I prevent this by requiring a certain web connect count before an out going rating can occur.

vertygo:
This doesn't solely have any application with bitcoin but in the case of otc it would.
It is however at the heart of all things that people trust and gives a way for people to rate and verify such trust.

I can't run a distributed database because of the nature of the queries that need to be run. It will need to be on a huge computer/ data center. Not sure why you want it to be distributed as it has nothing to do with anything. DDoS? Sure, any website can get DDoS. So does this stop Google or Amazon or me?

To your question:
you want to know if a specially crafted attack could be manufactured.
The attack you described would fail in a short time because in my algo the cream rises to the top and the crap sinks to the bottom.
Any 1 highly rated (or group of) person could of course be paid to rate someone highly.
The problem with this is that in the end the attacker (being a false actor) would get bad ratings and those who rated him highly would be negatively impacted.

I have found Vlad's posts to be of high quality.
Been reading for a month now.

You can get 400 MH from 1 of those 6950 if you flash the BIOS with the 6970's and overclock.
As far as your heat problem, it looks like you got an airflow problem.
My 6970 is overclocked as far as it will go and it peaks out at 72c but I have a 4U server chassis in an enterprise rack (open chassis top, 8 fans) and 4 fans at the top of the rack.
You might need to water cool it somehow.
80c is way too high.

Right now you are spending much more in power cost than you are getting by about 10-1.
You need at minimum an ATI 6970 card overclocked to about 400 megahash. That's what I got.
I get 1 coin every 3 days and it goes down consistently because of the increase in network power and difficulty increase.
I might end up with 50 BTC. It costs me $18/month in power and $400 for the card.
Paypal doesn't deal with BTC. You would need to trade it on an exchange.
You can look up current prices here:
http://bitcoincharts.com/markets/
Last I looked it was around $14/BTC and I expect it could go down to $9 in the next week.
I plan to buy around $300 worth and if you want to accumulate some this is the route I would suggest for you as well until you get a 6970 or 6990.
CPU doesn't matter...at all. NVIDIA cards are also crap for mining as I found out with my 450 gts getting 39 megahash overclocked.
My UPS says my system burns 513 watts with CPU near zero and mining full blast.
You would at some point seriously need to consider wallet management and security.
I have multiple wallets with the main one never hitting the system and all are locked up in triple cascaded truecrypt volumes.
My mining wallet is the only one open to any hacking attempt and it always has zero in it until I transfer 1 BTC to the main one.
There are too many security un-savy people trying to do bitcoins and lots of them are getting their wallets stolen so be aware and make a solid security method to protect any investment you might make. Always consider that your computer already IS hacked.