My open letter to Bitcoin Foundation

[lucif]

About strong move, security and responsibility from the point of view of speculant.

You all know what happened right after price bump in Jun 2011. Mtgox got hacked.

Because unknown service coded on knees was not valued in hackers while bitcoin didnt have significant value. But since bump, MtGox security gained value in hackers' eyes. They realized that there are millions of dollars located there and nobody there doesn't mind about security. And we got what we got.

The same stuff with pirateat40, bitcoinica and others. Anonymouse nature of bitcoin destroys any responsibility in service owners mind.

There is no central authority in Bitcoin which will force services to complete identification and force to meet security standards like PCI-DSS like it is done in payment card industry by banks and VISA.

And what does Bitcoin Foundation do about that? Nothing. They just scream about bitcoin price gaining value 100500% in press release.

They dont realize that if Bitcoin will get $100 in value - 80% of bitcoin services will be hacked and scam people for money due lack of security and resposibility.

All major drops were due to or accelerated with some big service fuckup.

Bitcoin will not get enought liquidity on market until Bitcoin Foundation will not bring to community central advisory authority for bitcoin centralized services.

It must force services to meet security and responsibility standards.

It should put site seal for approved services which hints common users that service is verified and keeps security standards.

It should widthdraw site seal from services which ignore users complains or security standards and identification procedures. This will hint common users to be careful with this service.

I think I dont need to explain, that wide usage of Bitcoins needs price stability - coz everyone fear volatility.

And price stabilty only may be reached with enough liquidity on market.

But enough liquidity on market can't be reached without people trust in centralized services. They just scaried to do this. They fear scam.

So we need a service which will verify, identify and watch for keeping security stadards by existsting verified Bitcoin centralized services.

Please provide us with one. Thanks.

[klaus]

I would suggest become a member and get elected/vote to bf-board.

[casascius]

My apologies if English is a second language, but you might be wise to solicit help (possibly for a bounty) - both with English and with constructing a coherent argument (a language-independent skill).  You may have a good point, but many won't see it due to the noise, sorry.

[lucif]

My apologies if English is a second language, but you might be wise to solicit help (possibly for a bounty) - both with English and with constructing a coherent argument (a language-independent skill).  You may have a good point, but many won't see it due to the noise, sorry.

Appologizes accepted. English is my second language.

[lucif]

I would suggest become a member and get elected/vote to bf-board.

I don't try to be a member of premium club, I am just private person with my own interesets.

Bitcoin needs to be widely used, no?

Widely used means it has low volatility - ppl dont fear to save bitcoins on monthly basis.

Low volatility reached by high liquidity.

High liquidity reached by trust ppl in services.

And ppl trust reached by responsibilty of such services (which is absent).

And resposibility reached by centralized autority.

Genius is simple.

[lucif]

Wait isn't the bitcoin foundation suppose to help the bitcoin community, when did it turn to an elite country club? This is why I would never pay for the bitcoin foundation, they are becoming elitist already. So sad...

If my proposal will be supported by community, this will be community proposal.

If Bitcoin Foundation ignores community proposals - i wish to ignore that organization.

[ThomasV]

if you are not satisfied with mtgox, use another exchange. this will bring liquidity there

[lucif]

This is just example of slovenliness. The main thing isnt related to gox.

[lucif]

THIS IS NOT COMPLAINT ABOUT GOX Just forget it.

I'm talking about Bitcoin future.

[lucif]

I am familiar with Payment Card Industry Security Standard (PCI DSS), how banks forcing merchants follow this standrard before they provide APIs.

I offer to do same organization with Bitcoin.

Which will verify services like gox, force them to keep security stadards and provide identity of responsible persons.

This will bring a trust to Bitcoin legal economy.

Liquidity comes with trust.

Stability comes with liquidity.

And wide usage of Bitcoins comes with stability.

I hope i will not have to reapeat this again

[myself]

problem0 numero 1 (i can add some later if i get payed  )

this can generate the same problem that "pay in 90 days" did for fiat world business, since the law say pays in maximum 90 days few business do pay earlier if you ask why the reply is "because the law say so", IF BF set the minimum standard in security practices and Bitcoin business gain the seal of approval there is not much incentive to do better, so this can become a source of stagnation, if shit happens BF can take some blame because it got a low/bad standards.

Seal of approval is a marketing tool for the Joe, this will have the same effect like "seen on tv" stamp on ads, "advanced" Bitcoin users can look more and ask about each Bitcoin business security practices , research for details etc, Joe wont, he will be happy with the seal of approval, when shit happens Joe will blame and point his anger to BF.

[repentance]

One problem I see with your proposal is that some of the BF board members are also operators of high profile Bitcoin services, and there would be real or perceived conflicts of interest in them endorsing Bitcoin services in general.  If you put them in charge of writing and enforcing standards, the accusation will be levelled that the standards will be set at a level which they can easily reach but which newer, smaller services cannot.

These businesses are tiny by real world standards and the costs of compliance with the kinds of standards you're talking about are not trivial.  Very, very few existing Bitcoin services would have the capacity to meet such costs at this point in time - you're just going to create the very kind of monopolies which Bitcoin seeks to avoid or people are going to ignore official endorsement rendering it pretty much useless.

Yes, it's desirable that Bitcoin services hold themselves to high standards in terms of security.  No, it is not realistic to expect that they can spend more than their individual businesses are worth on the kind of security used by conventional financial institutions.  

Payment card industry standards aren't even especially relevant to many of the Bitcoin services you've mentioned.  The major risk comes from them acting as deposit-taking institutions, even though that is not their core business in most cases.  It's not at all the same as the card issuer>acquirer>transaction processor cycle.

[lassdas]

some of the BF board members are also operators of high profile Bitcoin services

That's exactly what i thought.
It's the owners of those businesses you want to be forced/verified/whatever that are also board-members of the Foundation,
so what you ask for is, that they control and verify themselves.

Doesn't really make much sense to me.

[lucif]

problem0 numero 1 (i can add some later if i get payed  )

this can generate the same problem that "pay in 90 days" did for fiat world business, since the law say pays in maximum 90 days few business do pay earlier if you ask why the reply is "because the law say so", IF BF set the minimum standard in security practices and Bitcoin business gain the seal of approval there is not much incentive to do better, so this can become a source of stagnation, if shit happens BF can take some blame because it got a low/bad standards.

Seal of approval is a marketing tool for the Joe, this will have the same effect like "seen on tv" stamp on ads, "advanced" Bitcoin users can look more and ask about each Bitcoin business security practices , research for details etc, Joe wont, he will be happy with the seal of approval, when shit happens Joe will blame and point his anger to BF.

Security standard may be just copy-pasted from PCI-DSS with minor changing points about CVV2 storage changed to wallet storage. I think this standard could be easily adopted to Bitcoin.

Another question is responsibility. Someone have to take that. Otherwise there is no legal way for Bitcoin in the World. And I propose this to be taken by BF child organization. Lets call it  Bitcoin Superviser (BS) here.

BS takes resposibility for site seals it will give to bitcoin services. It should have a resposible contact from merchant/service whos will be asked for fuckups.

Without resposibility Bitcoin has no legal future, no trust, no liquidity, no stability.

I ask all for resposibility.

[lucif]

That's exactly what i thought.
It's the owners of those businesses you want to be forced/verified/whatever that are also board-members of the Foundation,
so what you ask for is, that they control and verify themselves.

Doesn't really make much sense to me.

Well, I see I have to explain people what is resposibility.

Responsibility is an acknowledgement that all aftermaths of your doings were caused exactly by your doings.

Person who takes resposibility inspires trust in people.

If BS will give seals to anyone without resposibility - it will discredit itself as fundamental organization.

If BS will give seals to services WITH resposibility, with asking them to keep standards and forcing them to keep them, asking them for faults - it will be the center of trust.

I dont ask for centralization! I only ask to do this only with centralized services of Bitcoin - to be them subordinated to BS. This could bring trust, liquidity, stability and wide usage of Bitcoin in the world.

[repentance]

That's exactly what i thought.
It's the owners of those businesses you want to be forced/verified/whatever that are also board-members of the Foundation,
so what you ask for is, that they control and verify themselves.

Doesn't really make much sense to me.

Well, I see I have to explain people what is resposibility.

Responsibility is an acknowledgement that all aftermaths of your doings were caused exactly by your doings.

Person who takes resposibility inspires trust in people.

If BS will give seals to anyone without resposibility - it will discredit itself as fundamental organization.

If BS will give seals to services WITH resposibility, with asking them to keep standards and forcing them to keep them, asking them for faults - it will be the center of trust.

I dont ask for centralization! I only ask to do this only with centralized services of Bitcoin - to be them subordinated to BS. This could bring trust, liquidity, stability and wide usage of Bitcoin in the world.

There is absolutely nothing preventing existing Bitcoin services from forming a professional organisation which requires its members to adhere to specific standards on a whole range of issues.

It should never be the role of Bitcoin Foundation to endorse individual services, although it should probably play a role in facilitating discussion about central issues affecting Bitcoin including desirable security standards and perhaps publish discussion papers on those issues from time to time.

Apart from anything else, it's almost impossible to play a standards oversight role without charging a fee to evaluate organisations for endorsement - you need qualified people to evaluate those applications and to assess whether organisations are actually complying with standards as they claim.  BF really isn't the appropriate body to do that given the composition of its board.

Likewise, the endorsement becomes absolutely meaningless the minute that an organisation which has been endorsed fails - and that will happen because the majority of new business ventures do fail.  An endorsement isn't going to help people get their money back - it may well lull people into a false sense of security, though.

You'll get responsibility when there are real world consequences for losing other people's funds - something a "tick of approval" can't address.

[lassdas]

I only ask to do this only with centralized services of Bitcoin..

You ask to do this to centralized services only, but aren't they all centralized?
Tell me about one service that isn't. 

[lucif]

I only ask to do this only with centralized services of Bitcoin..

You ask to do this to centralized services only, but aren't they all centralized?
Tell me about one service that isn't. 

silk road

[lucif]

There is absolutely nothing preventing existing Bitcoin services from forming a professional organisation which requires its members to adhere to specific standards on a whole range of issues.

It should never be the role of Bitcoin Foundation to endorse individual services, although it should probably play a role in facilitating discussion about central issues affecting Bitcoin including desirable security standards and perhaps publish discussion papers on those issues from time to time.

Apart from anything else, it's almost impossible to play a standards oversight role without charging a fee to evaluate organisations for endorsement - you need qualified people to evaluate those applications and to assess whether organisations are actually complying with standards as they claim.  BF really isn't the appropriate body to do that given the composition of its board.

Likewise, the endorsement becomes absolutely meaningless the minute that an organisation which has been endorsed fails - and that will happen because the majority of new business ventures do fail.  An endorsement isn't going to help people get their money back - it may well lull people into a false sense of security, though.

You'll get responsibility when there are real world consequences for losing other people's funds - something a "tick of approval" can't address.

Well, i thought its a BF mission

https://bitcoinfoundation.org/about/

[franky1]

ok i officially give lucif a seal of approval



now what??

shal we remind you of bitcoinica, bitcoinsavings and trust. they could all meet the security standards and pay a fee to get a seal.. but still end up where they ended up