Yea for email GPG/PGP. For IM OTR, for VOIP ZRTP.

With a diffie-heilman agreement specifically? Or are you talking about GPG/PGP?

Yes exactly! This is a hugely necessary thing for the crypto currency world

LOL YES

That's great to hear. For a point of reference Canada and the European Union have both said that Bitcoin exchanges can currently operate without MSB licensing. In the US licenses are required, and AML/KYC reporting is top down. It is this jurisdiction I need your services for, as CA and EU are more lax (although we would operate like an MSB, following all the rules in anticipation of policy change).

Well if you are not comfortable allowing us to handle KYC then report them back to you, there is no other option.

In our scenario the optimal outcome would be as follows: you audit our system, check our credentials and we set up a way for you to view the legitimacy of our business and our dedication to following regulatory guidelines. We would do daily, weekly, or whatever frequency of audits of KYC/AML you would require to maintain this relationship.

Users would sign up for our site, we would confirm their identity/validate their credentials for AML/KYC and once complete they would send us either Bitcoins or a wire transfer (or some other method we have in place) to load their account. Our bank account with you would be a money market account, and our internal system keep track of where the money is allocated.

We would have scripts that checked for suspicious activity and we will have strict AML policing, down to the letter of the law in relevant jurisdictions.

edit: this is not to say they might not sign up for you bank at some point, but we would still handle the KYC/AML.


Oh don't get me wrong, it is still a great service, just doesn't service the needs of my business.

Okay, so our customers will need a bank account with you. I understand now, this is not nearly as flexible as I had hoped. Good luck guys, just don't expect my business.

Right, I get that part.


Okay, so you will not let people be agents of your license directly. That is a possibility in the real world, just to let you know.


Okay, but it is still not clear to me: if I ran Coinbase, for example, would all my customers need a bank account at your bank? Where do the KYC details get put? On our site then they are sent directly to you? Or do our customers have to go to your site first, set up a bank account, then they can use our services? This does not sound very appealing.

He has been advised not to post it. I will take a look at it in the coming days, report back what I can.

It was 13 pages, my friend doesn't remember seeing a confidentiality agreement. I'll see if I can get a copy.

Yea i was speaking RE safe-mail. but good looks on the source, thanks

Like Hushmail, safe-mail has a backdoor into their backend for LE. I know this for a fact, don't ask for sources

So a friend of mine looked at one of these subpoenas last night. They are very detailed documents, lot's of requirements but nothing seems to be out of MSB scope. I hope I am still right about this.

You're totally right about that. Ask most they will say NY has not accomplished what they set out to do.

Wow, I was really excited about this, but now I'm a bit confused and disheartened. Read:


So every fiat <-->crypto trade that happens on your "Excahnge Platform" through my [hypothetical bitcoin business] gets a fee tacked on by you? Even if I am making the market, not you? What is that fee/commission exactly? Is there a scenario where you would be willing to waiver the fee and instead we give you a lump sum of cash to be agents of your license autonomously? (in that scenario we would set our own fees and do KYC/AML ourselves and send you the details when audited - in this case our customers do not have your debit card or a bank account with you, they simply trust us with the funds). That is a response to this:


Thank you.

The only reason I will stand by my point in this conversation is because I have some (in)direct knowledge about the tech sector here in NY. For the past few (7-9) years quite a bit of discussion has gone on about how to make NY more attractive to technology companies. I even know a guy who spoke on panels on behalf of the tech community in front of state officials regarding this manner. Silicon Alley formed from this.

With technology follows money. Lots of it it. Many of the big VCs/angel groups dumping cake into Bitcoin businesses are here in NY, along with many of the companies listed in those subpoenas. These guys aren't they type to sit around and wait for someone to tell them it's okay to do something. They want answers to sure up their investments.

A beacon was sent out and this is the first formal response.

You can though, and the indicator of this in my book is the fact that many of these companies are non-operational. There is no indication of wrongdoing mentioned in the subpoena.

In fact...

Ignore all the mamzy pamzy anti terrorist nonsense and you get to what they are after: hey we see that our regulatory framework might not best suited for digital currencies and we are afraid to stifle innovation but we are also unwilling to allow illegal activity to go on. Please prove to us you aren't doing anything illegal and tell us how your business works so we can start to figure this thing out.

lol well that's not quite the story you led us to believe there was it...

Not necessarily. If you are speaking to a competent operator and they know you used their card via PayPal they will call a PP representative and coordinate their efforts. If they just go willy nilly and chargeback the transaction your scenario will play out, but hopefully that is not the case for most.

Stumbled across this paper, thought it would be useful here. I know 49% attacks and propagation delay have been brought up before, but this paper lays it out nicely.


http://www.tik.ee.ethz.ch/file/49318d3f56c1d525aabf7fda78b23fc0/P2P2013_041.pdf

The jist: In a 10,000 block interval, there were 169 forks, or 1.69% observed fork rate. This rate is dependent on network size of course–-the larger the network, the more random the topology and the greater the average distance between the nodes and the origin of a block becomes.

Alternatively, one could interpret this result in such a manner that each time a block is found, “the equivalent of 11.37 seconds worth of computational power of the entire network is wasted.” If you take this wasted computation power into account, the “effective computational power in the current network is 1−11.37/633.68 = 98.20%.” Therefore, control over 49.1% of the Bitcoin network is sufficient for a 51% attack. Note: 633.68 seconds = expected time between two blocks, see the model for how this number was derived.

So what can we do about it? Well first, Christian and Roger think that the message verification process can be compartmentalized and sped up by splitting it into two phases, When a message is received it is first passed through a ‘difficulty check’. This is simply validating the proof-of-work by hashing the received block and comparing the hash against the current difficulty targeting. Usually the transaction would now be verified and then broadcast to the network.

In this alternative scenario, however, once the difficulty has been checked the transaction can be rebroadcast THEN the transaction can be verified. This speeds up the propagation. Secondly, a improvement in propagation time can be achieved by immediately broadcasting incoming inv messages to neighbors.

Neither of these suggestions are without their downsides, however. Both of them open and close avenues of attacks against the network. Namely if information did not require validation attackers could send arbitrary amounts of data and flood the network, although I believe there are mitigation techniques for such attacks. Regardless, while these solutions may alleviate problems in the short term, Christian and Roger seem to think a more scalable long term solution must be found.


they on point? what do you guys think?