[ANN] Pink: Escort startup Series A share sale

[nitinum]

What do you think guys?

[bradpink]

Sorry, I always confuse these. What is the hard cap actually? Or what are them both?

Soft cap is the minimum that must be raised for the crowdsale to be considered a success, and the hard cap is the maximum amount that is accepted as investment in total.

Also, will the hard cap be encoded in the contract?

We've a goal of $1.5 mln for Series A in order to go directly to launch. The consensus seems to be that if we don't reach that, then we should instead work on creating a beta platform, show it off, while raising a Series B. In practice, what we'd do is issue a 2:1 shares bonus to all Series A investors, effectively cutting the price in half for them. Then we'd start a Series B a bit later at a price of $1.10.

The total number of shares is 23.45 million. 5 mln for Series A, 5 mln for IPO, 10 mln for potential future offers, 2 mln stock grants for hiring talent, 800,000 investor incentive shares, 600,000 founder shares. Unsold shares are not outstanding, and thus do not count when calculating market cap or dividends. At IPO, we expect there to be about 12 million shares outstanding.

The founder shares and stock grants are subject to a 50% 6 month and 50% 12 month lockup period. This ensures that founders and executives don't dump shares after receiving them.

We are looking at what we encode into a contract. We're excited about the possibility for smart contract corporate governance in general. But we're also a bit cautious, as many bugs have shown smart contracts to be a bit immature for trusting with a lot of money.

[Sword555]

This seems similar to the whole AshleyMadison fiasco, but with a much bigger focus on anonymity. So their problem was their database was hacked and everyones information leaked, how have you learned from that disaster and how will you approach data security? Using crypto probably eliminates the need for real names altogether right?

[QlooQl]

This is hilarious 

How many escorts know how to tie their shoes much less download, install and secure a wallet?

Or you want the pimps to do it for them Lawl! Or are we supposed to be the pimps since we invested in the system? I can see it now... Some big dude busting in the door because his computer gets a fatal exception error every time he tries to open the wallet, demanding his hard-earned money.

[bradpink]

This seems similar to the whole AshleyMadison fiasco, but with a much bigger focus on anonymity. So their problem was their database was hacked and everyones information leaked, how have you learned from that disaster and how will you approach data security? Using crypto probably eliminates the need for real names altogether right?

AM's security was amateur hour. Ours is not even in the same game. Read our article here: https://medium.com/@PinkApp/pink-app-trading-latency-for-anonymity-and-other-techniques-815ee21c6da4 Then tell me how an AM style exfiltration would work. There will be only 3 active people with server access (plus contingency system, but that will be publicly visible action).

TL;DR: Servers are pure RAM-based, no disks. Encrypted backups. Intrusion detection->auto shutdown. No routable IP, only Tor access for hidden service. Database is 2 Hidden Services deep, so it's Web Gateway->Tor HS1 (Web Server)->Tor HS2(data gateway)->DB.

Data access is gated by a cryptographic token unique to each user and rate limited. So even if you got network access on the app server, you would have to compromise user logins to submit data requests (no direct SQL).

This architecture is a bit of a pain to manage. It is not as uptime-friendly; if something goes wrong, we have to restore from backup. No internet access is tough, it means we have to create a change management request, audit it, then create a new container and deploy. But the security benefits are unrivaled.

[bradpink]

This is hilarious 

How many escorts know how to tie their shoes much less download, install and secure a wallet?

Or you want the pimps to do it for them Lawl! Or are we supposed to be the pimps since we invested in the system? I can see it now... Some big dude busting in the door because his computer gets a fatal exception error every time he tries to open the wallet, demanding his hard-earned money.

Escort work is a lot more involved than you understand and your rude statements simply do not reflect reality. Even then, we accept cash payments, and it's not expected that any end users end up being forced to use Bitcoin or Monero.

I don't know what you're talking about re pimps. Pink is completely anti-pimp.

[BuyingFast]

Judging by the answers from the OP, he's very technical and the kind of guy that you want to handle such a tricky project.

[tirailleur]

Hmm. "Servers are pure RAM-based, no disks." And where whole system will be stored at? Random shutdown or reboot of server will cause in devastating of data. This isnt acceptable both for customers and girls. All personal data will be destroyed, and you have to do backups every hour or even more often with service growth.
OP you disappointing me, first when i've quickly read your tech papers on medium, I've thought "that seems flawless", but then i've read this about RAM storage, and about two TOR gates within your system.
Did you know, that TOR cannot provide an acceptable bandwidth for a service like yours? Especially when there is two tor gates in the network.
So, your security/storage plan is not flawless, moreover it's vulnerable and way too complicated in service.
And i've found strange thing. How it could be truth that for 11 days of your ICO you've collected $400k and after creating bitcointalk thread you've stuck on 700 for days? Where was your main marketing campaign?

[bradpink]

Hmm. "Servers are pure RAM-based, no disks." And where whole system will be stored at? Random shutdown or reboot of server will cause in devastating of data. This isnt acceptable both for customers and girls. All personal data will be destroyed, and you have to do backups every hour or even more often with service growth.
OP you disappointing me, first when i've quickly read your tech papers on medium, I've thought "that seems flawless", but then i've read this about RAM storage, and about two TOR gates within your system.
Did you know, that TOR cannot provide an acceptable bandwidth for a service like yours? Especially when there is two tor gates in the network.
So, your security/storage plan is not flawless, moreover it's vulnerable and way too complicated in service.
And i've found strange thing. How it could be truth that for 11 days of your ICO you've collected $400k and after creating bitcointalk thread you've stuck on 700 for days? Where was your main marketing campaign?

Differential backups every few minutes or less. Basically stream the database log to encrypted backup. This is not hard. It is not something we invented. It is a very common approach for RDBMS.

If the server is breached or otherwise fails (random failures are scary - why is it random?) then we have to restart and restore. This is intentional. It provides the best security guarantees. Drop by our Slack and chat if you're not convinced. RDBMS data is small and restores quickly. Bigger data (photos) can be streamed from encrypted storage and does not delay restore.

Hosting via physical servers, not in Pink's name. This makes imaging them a very difficult task. Unlike VPSes which are easily imaged, including RAM.

Who claims things are flawless? I am not claiming our plan is flawless. I am saying it is vastly superior design and hard to improve without having a nation-state willing to back you legally. If you have particular criticisms, I want to hear them, please!

It is very common in ICOs to have a distribution heavily weighted to early and/or big players. Pink talked to people well before the domain was even registered. We have news articles in some huge mainstream tech and business sites coming out soon, plus some independent journalists. Sign up on https://seriesa.pinkapp.io to get updates - we have an update message coming out in the next 16 hours.

Tor will work fine. Aggressive prefetch and caching (encrypted to user access token) means few requests need to go all the way to the database. Plus we have some tricks up our sleeves to reduce latency. It is a challenge, but one we have figured out and feel very comfortable with.

[bradpink]

Sarah wrote a new article that explains some issues in escorting. Why is it hard work, and how can Pink help?

Read to find out: Challenges in the Business of Pleasure: https://medium.com/@PinkApp/challenges-in-the-business-of-pleasure-d22e9ec03b75

[bradpink]

Or VP of Product, Sarah Stevens, did an interview with the International Business Times: http://www.ibtimes.com/beyond-bitcoin-blockchain-tokens-sex-industry-2601252

[BuyingFast]

How many people work on this project part time or full time?

[bradpink]

How many people work on this project part time or full time?

At this point, approximately 10. I won't be more precise due to opsec concerns. We're mostly transparent, but about the actual people involved, every bit of obscurity helps maintain operational security.

[Sarah_PinkApp]

This is hilarious 

How many escorts know how to tie their shoes much less download, install and secure a wallet?

Or you want the pimps to do it for them Lawl! Or are we supposed to be the pimps since we invested in the system? I can see it now... Some big dude busting in the door because his computer gets a fatal exception error every time he tries to open the wallet, demanding his hard-earned money.

Clearly you have zero idea of any work that's involved in being an escort. Your ignorance is overwhelming.

[Sarah_PinkApp]

We've got some videos from providers in support of our product. Check them out here:

https://vimeo.com/238137997

https://vimeo.com/238114413

https://vimeo.com/238113796

[danBitcoin]

Is there any other ICO with Pink in its name?

There is Pinkcoin: https://pinkbuffaloz.com/

They have a pretty interesting blog post about their booth at BlockCon 2017, did you guys go?

[bananafana]

This is hilarious 

How many escorts know how to tie their shoes much less download, install and secure a wallet?

Or you want the pimps to do it for them Lawl! Or are we supposed to be the pimps since we invested in the system? I can see it now... Some big dude busting in the door because his computer gets a fatal exception error every time he tries to open the wallet, demanding his hard-earned money.

Clearly you have zero idea of any work that's involved in being an escort. Your ignorance is overwhelming.

I wouldn't worry too much about what the trolls/kids think.

[Sword555]

This seems similar to the whole AshleyMadison fiasco, but with a much bigger focus on anonymity. So their problem was their database was hacked and everyones information leaked, how have you learned from that disaster and how will you approach data security? Using crypto probably eliminates the need for real names altogether right?

AM's security was amateur hour. Ours is not even in the same game. Read our article here: https://medium.com/@PinkApp/pink-app-trading-latency-for-anonymity-and-other-techniques-815ee21c6da4 Then tell me how an AM style exfiltration would work. There will be only 3 active people with server access (plus contingency system, but that will be publicly visible action).

TL;DR: Servers are pure RAM-based, no disks. Encrypted backups. Intrusion detection->auto shutdown. No routable IP, only Tor access for hidden service. Database is 2 Hidden Services deep, so it's Web Gateway->Tor HS1 (Web Server)->Tor HS2(data gateway)->DB.

Data access is gated by a cryptographic token unique to each user and rate limited. So even if you got network access on the app server, you would have to compromise user logins to submit data requests (no direct SQL).

This architecture is a bit of a pain to manage. It is not as uptime-friendly; if something goes wrong, we have to restore from backup. No internet access is tough, it means we have to create a change management request, audit it, then create a new container and deploy. But the security benefits are unrivaled.

That's actually pretty impressive. I didn't know RAM based servers were even a thing.

[bradpink]

Is there any other ICO with Pink in its name?

There is Pinkcoin: https://pinkbuffaloz.com/

They have a pretty interesting blog post about their booth at BlockCon 2017, did you guys go?

We're looking a few upcoming conferences but nothing solid yet.

[bradpink]

That's actually pretty impressive. I didn't know RAM based servers were even a thing.

They aren't used because they are a pain in the ass. The trade off is not worth it for most enterprises. But if your threat model includes attackers physically raiding your datacenter then it makes sense.