March 27, 2014

Why WoT? Why Now? The Bitcoin Immune System

I frequently find myself asking people who are getting their Bitcoin businesses started "Hey! Have you gotten into the Bitcoin Web of Trust yet?"

The answer, with the rare exception, is "I don't need that yet."

This is the wrong answer. By the time you need a Web of Trust identity, it will be far too late to actually acquire one. Identity being a function of who you know, what they think of you, and the duration of your association with your familiars, there's simply no way to shortcut the process of building trust. You have to stick around, be cool, get to know the other cool people, and make friends. Failing all of these tests labels you either a scammer or an aspie neckbeard incapable of chilling with the cool kids.

Tonight in particular and for at least a week running, #bitcoin-assets sustained either epic trolling or aggressive social engineering attacks. It started with the handles ninjashogun and CheckDavid socking the channel in pursuit of capital for some kind of crazy nebulously defined jobs board. Nominally a jobs board with some cuh-ray-zee matching of what skills people have on offer against the skills people need to buy. Obviously, no specifications for this mythical jobs board were ever actually released, but that's the hallmark of the fartup scammer: "I couldn't possibly reveal the undeveloped secret sauce of our fartup mission, otherwise others would figure it out and copy us!"

The interlopers tonight would be xdotcomm_ and tg2. The former claims he's doxxable from his name, and the latter has refused at every turn to dox himself. Given that I'm trivially identified from the link to my company's website on this very domain, and that Mircea Popescu is trivially doxxable, davout is trivially doxxable, jurov and kakobrekla the same…it's a tough row to hoe refusing to identify oneself, especially after comments like:

tg2:no I have 20 people working for me here that work on in-house projects

So why put yourself in the web of trust? Well, if you want to do anything on an international scale, which is to say anything outside of the US (which is a non-entity as far as Bitcoin goes at the moment, Silicon Valley's loud and obnoxious claims to the contrary notwithstanding), or buy/sell bitcoins without the United States Government getting all up in your business claiming that your virtual things are their things to own and tax in the same way they own and charge rent on all property in the North American continent, you'll need to make friends with either some interesting people you meet on your own or the badass motherfuckers on IRC.

But! On the internet, nobody knows you're a dog. To that end, you'll have to build up a reputation. That reputation will be a function of the people with whom you work and the work you do for them. In recent memory, precisely one person has shown up willing to create a GPG identity. That person was rewarded with short term loans at pretty good rates for their rapid compliance with the rules and cultural mores of #bitcoin-assets. Repaying those loans (the trivial amounts) will cement this individual's entry into the WoT.

The two individuals who showed up tonight took HUGE OUTRAGE at the suggestion that they should bother to create identities. "Why? It's just a GPG key! Anyone can create a GPG key! Come at me fagbro!"

Such outrage demonstrates a failure to understand what the web of trust is and what purpose it serves. The web of trust is a surfacing of the connections between individuals who truck in the Bitcoin space, and a rough proxy for who knows whom. All it guarantees is that the holder of a key is in fact the holder of that key, and that the ratings of other keys were in fact issued by the holders of those keys.

This system provides no guarantees. Nobody's cumulative rating is worth anything. All the WoT can do is highlight the people you know who also know some other person. If nobody you know knows another person of interest, you should probably consider that person an outsider and interloper, and any assault on the social legitimacy they launch must be caught and neutered swiftly.

<xdotcommer> ahahha this guy tells us to register then makes fun of us for not having rating in their system

Well, duh. You're wasted and making a fool of yourself. Explaining the complexities of the thing would be a waste of everyone's time at this juncture. Since you ask, though…

One cannot issue ratings until one is rated oneself. This is a useful feature that prevents a lot of misuse of the system. If scammers cannot stuff the WoT database with their sockpuppets, they cannot artificially inflate their ratings. Granted, the mechanism is weak and easily gamed, but the simple presence of a barrier reduces much malfeasance.
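A simplified model of the two rules described above (only already-rated keys may issue ratings, and the useful output is which of your own contacts have rated a given person), as an added example rather than the #bitcoin-otc implementation. The seed member, nicknames and scores are constructed, and signature checking on each rating is assumed to have happened already.

```python
# Simplified model of the rules described above; names and scores are constructed.
class WebOfTrust:
    def __init__(self, seeds):
        self.seeds = set(seeds)   # assumed bootstrap members, allowed to rate first
        self.ratings = {}         # ratings[rater][ratee] = score

    def is_rated(self, key):
        return any(key in given for given in self.ratings.values())

    def rate(self, rater, ratee, score):
        if rater == ratee:
            raise ValueError("self-ratings are not accepted")
        # The barrier: no incoming rating, no right to issue one.
        if rater not in self.seeds and not self.is_rated(rater):
            raise PermissionError(f"{rater} is unrated and cannot issue ratings")
        self.ratings.setdefault(rater, {})[ratee] = score

    def cumulative(self, target):
        # Global sum over all raters: the number the post says is worth nothing.
        return sum(given.get(target, 0) for given in self.ratings.values())

    def introductions(self, me, target):
        # People I rated positively who have themselves rated the target.
        return {friend: self.ratings[friend][target]
                for friend, score in self.ratings.get(me, {}).items()
                if score > 0 and target in self.ratings.get(friend, {})}


def demo():
    wot = WebOfTrust(seeds={"alice"})
    wot.rate("alice", "bob", 3)
    wot.rate("bob", "carol", 2)
    blocked = 0
    for sock in ("sock1", "sock2", "sock3"):   # unrated sockpuppets
        try:
            wot.rate(sock, "mallory", 10)
        except PermissionError:
            blocked += 1
    # The barrier is weak: one careless rating from a member unlocks a sock.
    wot.rate("carol", "sock1", 1)
    wot.rate("sock1", "mallory", 10)
    return {
        "blocked": blocked,
        "mallory_cumulative": wot.cumulative("mallory"),
        "alice_knows_mallory_via": wot.introductions("alice", "mallory"),
        "alice_knows_carol_via": wot.introductions("alice", "carol"),
    }


if __name__ == "__main__":
    print(demo())
```

Mallory ends up with a cumulative score of 10 from a single sock, yet alice's own view of mallory is empty, while her view of carol shows bob's rating.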

I digress.

Why WoT? Why now?

WoT because you're nobody in -assets or -otc or anywhere else in the Bitcoin space without one. Nobody really cares if your identity is pinned to your "real life" personhood (above comments regarding doxxing notwithstanding), the only thing that actually matters is that the keys remain controlled by one entity and one entity only.

Now because the best time to plant a tree is twenty years ago, and the second best time to plant a tree is right now. If you want to ship a thing across the ocean in five years and you failed to take the opportunity to open your Web of Trust when you read this post, you will kick your own sorry ass from here to Timbuktu. For you had the opportunity, people of wisdom delivered their wisdom into your lap and you chose to ignore them. Not that I'm wise, I just parrot them.

So. Create some GPG keys. BingoBoingo has some excellent guides on the topic over at Use them to get into the #bitcoin-otc web of trust. If you get confused, stop in at #bitcoin-assets on We'll prickle and all of the immune systems will kick into overdrive if you get uppity without making your obeisances (of course), but be polite and we'll be more than happy to walk you through the process. Sheeit, even the two knuckleheads who stopped by to ruin our Wednesday evening eventually got the help they needed to derp through the registration process.

