NXT :: descendant of Bitcoin - Updated Information

[CIYAM]

So, this depends on the assumptions about the processing power the attacker has? Then one never knows...

True - the question is whether or not we can do any better than just using the block sig. for x + 1440 (current thinking).

[BrianNowhere]

I already have (client side) contacts in my web client. Check it out. An asset will show up as issued by "Bob" if you have set that person up as a contact.

Ok I went into the assett exchange and clicked on "assett issuer" which gave me the issuers public address. I then went in a created a new contact with that address and named it "BOOB SELLER".

What I think might solve a lot of the problems you are referring to is if now when I went back into the Asset Exchange and looked at BOOBS
that any assets being issues by "BOOB SELLER" would be readily apparent in that window. I'd know "BOOB SELLER" was a trusted vendor of boobs and would choose his assets. Would also be nice to be able to filter the BOOBS sell order so only "BOOB SELLER" showed up there so I know that if I buy BOOBS I am only buying them from that seller..

Well there is right click , add to group functionality in the sidebar.

Yes, but this appears to add BOOBS to a group, but doesn't seem to be tied to one particular issuer of boobs?

I guess what I am saying it that the ASSET ISSUER (array?) is tied to the issuers unique Nxt address which seems like it would provide a way to tell who you are buying the asset from and thereby the non-unique asset names can be identifiable as being issued by a unique entity by the unique Nxt address it's coming from.

If "Bob's BTC" owns 9234904623235235235 Nxt address, then any BTC asset issued by them would be identifiable by seeing it's issued by
the address 9234904623235235235, which the user could then permanently identify by connecting 9234904623235235235 to the contact name "BOB's BTC"

Once the user has done this, anytime they look at ASSET ISSUER it will say "Bob's BTC" there instead of a hard to remember address.
From there the user should be able to only buy BTC from the issuers they choose.

[mthcl]

@CIYAM, @CfB, @ChuckOne, ..., - can you comment on this randomization procedure I proposed on the previous page?

First X accounts (w.r.t. the inverse weights) choose some "random" numbers locally, and publish their hashes. X is supposed to be large enough so that the bad guy would never control exactly all of them. Then, they publish numbers themselves; if the published number does not correspond to the hash or is not published at all, then the corresponding account is heavily penalized. If that happens for at least one account, the whole procedure is invalidated (and we wait for the next try).

[CIYAM]

Once the user has done this, anytime they look at ASSET ISSUER it will say "MICROSOFT" there instead of a hard to remember address.

Of course that is how you'd expect a UI should work.

[Jerical13]

Service providers will rate all assets traded, if someone uses ciyam.ciyam and it is verified that this is in fact not you, and he sues this asset without good reason other than to scam, the service provider can in fact "blacklist" the asset (and the alias), solving the issue.

This isn't in existence (such service providers) and "blacklists" are *never a good way to go*.

Please stop trying to push for this "unique name" and let other methods be developed as we progress.

Note that if every 2nd generation platform does the same thing (allow unique names) then you'll never be able to trust "the same name" on any 2 platforms (so all such *brands* have become *useless*).

Just because there are no current providers for these types of services doesn't make it a reason to exclude the potential for there existence. It is error to assume that  private business and enterprise is "never a good way to go", and this option should not be excluded whether asset names are unique or non-unique. The market should decide for itself what is or isn't a good direction.

[CIYAM]

First X accounts (w.r.t. the inverse weights) choose some "random" numbers locally, and publish their hashes. X is supposed to be large enough so that the bad guy would never control exactly all of them. Then, they publish numbers themselves; if the published number does not correspond to the hash or is not published at all, then the corresponding account is heavily penalized. If that happens for at least one account, the whole procedure is invalidated (and we wait for the next try).

Sorry - I hadn't noticed that post - looks like something that we should think about.

[CIYAM]

The market should decide for itself what is or isn't a good direction.

How do you propose that decision should be made?

Auction it?

Vote on it?

We've pretty much already come to the conclusion that "you can't change this" once you've launched it (in which case the "market decision" might be a Nxt "clone").

[abctc]

Twitter kind of had the same problem with usernames, and everything is fine.Even some big companies had to add a number or letter to their brand name,because it was already taken, or buy it for not a lot of money,as it isnt such a big problem.Then the name that appears on your profile can be repeated,and people is used to going to the official website or googling to verify which account is the official one of who they want to follow. They follow it,and never see fake ones again.

- agree!  Keep it simple ...  JL, please return the unique names.

[Sebastien256]

Well, there is more to consider. Humans and machines need to uniquely identify an asset.
For machines, a cryptic number is okay. They simply do not care.
For humans, that numbers are not. They need readable and catchy names.

+ 1440 !!  I wonder, why it isn't obvious for all...

There *will be a readable* name - the choice is one of two:

Microsoft (a fake but readable name)

or

Microsoft:12334
Microsoft:12345

Uh oh? What it this - seems I need to find out more.

Which method is "helping" the end user to get *scammed* and which is not?

Finally, the idea of unique alias tied to asset name is a bad idea. It clear that this solution is problematic, this problematic is the same as the unique asset name.
The only method that will be working is to allow free registration  of non-unique asset full name (prefix+suffix). The user should not be taken as dumb. Let the user find out what is the good asset. At first it will be difficult to find the good one, but eventually, when we can sort the asset by volume, it will be easy to find which asset are good and the one that are not good. Volume is like massive positive Vote.

Anyway, if wesley want to do his client like this. It is his choice in some sense. If this solution is not working well, another client will find another solution or he will adapt his client. As long as in the Nxt core, asset name are non-unique, Nxt is strong I think.

[CIYAM]

Keep it simple ...  JL, please return the unique names.

Keep it simple for *scammers* is what you are actually saying - I think JL changed it because of this exact point.

An Asset is not a Twitter account - people are likely to end up buying fake shares (rather than reading a wrong tweet) - will you be refunding anyone who gets scammed?

[Come-from-Beyond]

@CIYAM, @CfB, @ChuckOne, ..., - can you comment on this randomization procedure I proposed on the previous page?

First X accounts (w.r.t. the inverse weights) choose some "random" numbers locally, and publish their hashes. X is supposed to be large enough so that the bad guy would never control exactly all of them. Then, they publish numbers themselves; if the published number does not correspond to the hash or is not published at all, then the corresponding account is heavily penalized. If that happens for at least one account, the whole procedure is invalidated (and we wait for the next try).

Won't work if the penalty < reward.

[Damelon]

Twitter kind of had the same problem with usernames, and everything is fine.Even some big companies had to add a number or letter to their brand name,because it was already taken, or buy it for not a lot of money,as it isnt such a big problem.Then the name that appears on your profile can be repeated,and people is used to going to the official website or googling to verify which account is the official one of who they want to follow. They follow it,and never see fake ones again.

This is a use case that basically clinches it for me.
Thanks for being a beacon of common sense.

[Jerical13]

\Service providers will rate all assets traded, if someone uses ciyam.ciyam and it is verified that this is in fact not you, and he uses this asset without good reason other than to scam, the service provider can in fact "blacklist" the asset (and the alias), solving the issue.

That's relying on centralized third party? What if govt charges that third-party service provider because they didn't black list pot sellers, for example?

Why not let users do his own research and force them to add trusted account to his list?  No third party involved.

There should be accommodation for both scenarios. If people want to conduct trades under there own identifications of trusted sellers, then they should have that sort of functionality available.

This should not exclude the participation of third party service providers though. "Centralized third party" is a misnomer. It could only be considered "centralized if users didn't have other options to fill there needs, or if the network were to favor one service provider over another and not be a platform that allowed for fair competition between third parties. It would be more centralized to try to make the trust variable inherent in the functioning of the AE itself and not give users as many options as possible, including third party providers, or other potential options.

[BrianNowhere]

On the asset name controversy, am I being dense? Wouldn't an asset from a given entity always be issued from a Unique Nxt address, therefore making it very easy to tell who is issuing that asset?

It seems like an easy matter to set up the AE to only show assets from Nxt Addresses you have indicated you trust and to only purchase assets from them and also to clearly be able to show who is issuing that asset.

If Microsoft owns Nxt address 3498343485498 then you should be able to make sure that any time you are buying MSFT that you
are only buying it from Nxt address 3498343485498

I'm not getting why this is such a controversy.

[abctc]

There *will be a readable* name - the choice is one of two:

Microsoft (a fake but readable name)
or
Microsoft:12334
Microsoft:12345

Uh oh? What it this - seems I need to find out more.
Which method is "helping" the end user to get *scammed* and which is not?

- no.  You propose this choice:

Microsoft (a fake ? a true?)
Microsoft (a true? a fake?)
or
Microsoft:12334
Microsoft:12345

I think your decision (non-unique name) is helping the end user to get scammed.

[CIYAM]

This is a use case that basically clinches it for me.
Thanks for being a beacon of common sense.

Again an Asset is not like an email account or like a twitter account - so that is a very bad analogy.

Here then is my "compromise" solution:

Asset names are just Alias names - so anyone who didn't already get their alias - tough luck.

Let's just piss of every single business and individual rather than "try something different" because "we would rather help those who squatted on the aliases".

So fine then - let's help them *more*.

[Sebastien256]

On the asset name controversy, am I being dense? Wouldn't an asset from a given entity always be issued from a Unique Nxt address, therefore making it very easy to tell who is issuing that asset?

It seems like an easy matter to set up the AE to only show assets from Nxt Addresses you have indicated you trust and to only purchase assets from them and also to clearly be able to show who is issuing that asset.

If Microsoft owns Nxt address 3498343485498 then you should be able to make sure that any time you are buying MSFT that you
are only buying it from Nxt address 3498343485498

I'm not getting why this is such a controversy.

+1
Yes that is the point. There is no need to make the asset name or suffix unique. That will only encourage scammer.

[Anon136]

Twitter kind of had the same problem with usernames, and everything is fine.Even some big companies had to add a number or letter to their brand name,because it was already taken, or buy it for not a lot of money,as it isnt such a big problem.Then the name that appears on your profile can be repeated,and people is used to going to the official website or googling to verify which account is the official one of who they want to follow. They follow it,and never see fake ones again.

- agree!  Keep it simple ...  JL, please return the unique names.

No this would be the furthest thing from simple. People would be squatting all over the place, not just on the first option but they would intentionally target every other option available to you and you would have to bargain with a monopolist inorder to get your domain. The solution we have worked out is a very good one. It is not complicated, atleast not in practice. With this idea assets do have unique names. of course i mean how else could you tell the network what you are buying and selling. we just have an additional field, call it a label, that people can sort through. The earliest people to become involved in an asset will need to be cautious and check an outside source to make sure that the "true name" is accurate, but later comers will not because the client will be able to automatically sort by volume or fees payed or something which gives them strong anecdotal evidence for which asset is the real deal and early adopters aren't going to be newbies anyway.

this is a very good solution that will not be complicated in practice.

[Sebastien256]

There *will be a readable* name - the choice is one of two:

Microsoft (a fake but readable name)
or
Microsoft:12334
Microsoft:12345

Uh oh? What it this - seems I need to find out more.
Which method is "helping" the end user to get *scammed* and which is not?

- no.  You propose this choice:

Microsoft (a fake ? a true?)
Microsoft (a true? a fake?)
or
Microsoft:12334
Microsoft:12345

I think your decision (non-unique name) is helping the end user to get scammed.

Nope you are wrong, it will force user to make the right choice (unique asset id anyway). No one want to get scam and sort by volume solve this issue easilly in the long run.

[Anon136]

There *will be a readable* name - the choice is one of two:

Microsoft (a fake but readable name)
or
Microsoft:12334
Microsoft:12345

Uh oh? What it this - seems I need to find out more.
Which method is "helping" the end user to get *scammed* and which is not?

- no.  You propose this choice:

Microsoft (a fake ? a true?)
Microsoft (a true? a fake?)
or
Microsoft:12334
Microsoft:12345

I think your decision (non-unique name) is helping the end user to get scammed.

Nope you are wrong, it will force user to make the right choice. No one want to get scam and sort by volume solve this issue easilly in the long run.

thankyou sebastien