Identity and Genesis DAO: KYC, full names, pseudonymous, anonymous?

This thread is intended to continue the conversation started with this proposal: https://alchemy.daostack.io/dao/0x294f999356ed03347c7a23bcbcf8d33fa41dc830/proposal/0x47d16bab9af5551f9ac10b13e32726ceefe6c01152a9b9da01626172d9afda2e

And the corresponding drama that has ensued. Here is the TL;DR:

  • 19K GEN were staked on this proposal
  • New proposals have been submitted testing the thesis that “pseudonyms are ok”: here is a screenshot of what Alchemy looked like this am, with red boxes indicating pseudonyms: http://prntscr.com/plm0ue
  • A series of proposals was submitted by “KnowYourDAO”: 1) first proposal (quite entertaining) which claims to be a signaling proposal to confirm whether or not Genesis DAO has “DAOsclerosis”: i.e. “We have a BIG PROBLEM (sybil attacks), we REJECT easy SOLUTION (Which is a minimal form of identity), with NO alternative solution.”, 2) This proposal to fork Genesis DAO with a KYC version, 3) A pseudonym REP request proposal from the same individual.

Finally, there were additional proposals submitted by “HumanRightsDAO”, namely a signaling proposal looking to confirm whether or not “privacy is a human right” should be part of DAO values.

My opinion is as follows: because we are susceptible to sybil attacks, we CANNOT have pseudonymity right now. It doesn’t make sense, and will prevent us from growing. I prefer the idea proposed by @Itush which is to just use FULL NAMES, with a signal of intent to move towards pseudonymity once we have a protocol that can handle it.

COMMENTS BELOW PLEASE.

3 Likes

What form does a Sybil attack take in the GenesisDAO? A bunch of “people” begging for REP without ever doing any POW? I’m unclear what the actual issue is here with being anonymous or pseudonymous with respect to:

  1. Submitting a proposal
  2. Requesting REP/ETH/GEN for doing something useful

What actual problem does using a full name solve here?
Why don’t we fix the elephant in the room right now instead of forcing full names on early adopters and then allowing fast followers/laggards to do whatever? This seems like a pretty high candidate for priority 1 attention regarding governance (to me). It’s nuts-and-bolts functionality.

As an aside - I never use my full name on forums, random chat channels etc. I have close to zero “social proof” of existence because I value my privacy somewhat. I also don’t use the same pseudonym across platforms. Does that mean the GenesisDAO does not want my participation? Or should I come back later if I want to help?

2 Likes

I would ask DAOtalk participants to stop using the term KYC unless they actually mean it. The term comes out of the AML (anti money laundering) trans-national efforts for financial system monitoring and surveillance, with the aim of curbing the attempts to hide proceeds of criminal activity and to avoid taxation of profits from both criminal and common enterprises.
As such, it’s a requirement imposed on banks by the regulators, to establish detailed ownership and the ‘ultimate beneficiary’ of the funds and to track and report activity and transactions that could be suspect. In other words, they shift onto banks the burden to see through shell companies and to report on their customers in the course of business. Some of the national agencies involved in these types of oversight are FinCEN in the US under the Treasury and FINMA in Switzerland.

This terminology got pulled into the domain of cryptocurrencies through the banking relationships of the exchanges, for the fiat transfers between the customer and the exchange banks. This is orthogonal to the securities designation of coins and tokens, as the regulators like the SEC have requirements for the brokerages to ascertain customer’s financial status and investment experience, in relation to the “suitability” of investment choices, e.g. accredited or qualified investor status. Again, this is separate from establishing the customer identity for the purposes of tax reporting and withholding.

What does all this have to do with DAOs? NOTHING

I see two separate concerns that the members of Genesis can have - proper use of accounts with REP and financial responsibility of the recipients of fungible grants.
If one could simply sign up with an ETH address and receive REP (and ETH), a certain population would start creating such en masse, at a minimum stranding the tokens and at worst affecting the outcome of votes.

Current core membership of the Genesis DAO includes several DAOstack employees and European DAO enthusiasts who know each other personally by now, having gone to the same Meetups, conferences and events. At a minimum, everyone’s a friend of a friend. They have a large and often overlapping online presence, not only on consumer social media sites but on professional online environments, like Github or LinkedIn. This network effect is amplified by the regional proximity and the prevalence of OSS techies and crypto enthusiasts. So identity confirmation and suitability assessment happens partly off-line and entirely off-chain. This is wonderful but simply does not scale.

The current system of the social proof via online presence is predicated on the candidates using similar outlets in a similar fashion, and very substantial individuals do not. Some cybersecurity or financial professionals have no online presence as an OpSec choice. Academics in a range of disciplines have never heard of Github or Reddit and would think that Twitter is Facebook for ADHD preteens.

Let me suggest that since personal references are already playing a huge role, but perhaps behind the scenes, we make them more explicit, as a supplement or a possible alternative to the ‘social media proof’.

Perhaps we should look at Keybase as an online resource for constructed identity.
Unlike the proprietary Telegram beloved by spammers and scammers, DAOtalk Discourse verifies email, so perhaps candidates can be directed to spend some time there and cross reference the account in the application proposal. None of this will stop dedicated practitioners of social engineering, but we do raise the bar somewhat.

More importantly we should reduce the enticement by granting initially only say 10 REP for a “candidate” status, but provide a clear path to grow it to 100 and more, through participation in designated channels, voting on proposals, completing small tasks. Then, say after 60 days there can be an expectation of another proposal to a full status, with a corresponding REP level. Also, I think that 0.05 ETH is too much by a wide margin, only necessary for people who use the default fee settings. Some people in poorer regions will set up accounts just to get that, and the only reason you are not seeing a hundred of those today is that the word did not get out yet.

Separate entirely is the question of sending 1000 DAI to someone you never met, on a promise of some future work. Having solid identification and contact information seems only prudent but likely insufficient. Personally I’d never pay a new vendor up front, unless they were established and it was for a purchase of a COTS item. I’d aim to pay on delivery but may consider a deposit of at most 20%, with the balance upon completion. A better formula is progress payments, with say 40% mid-way and the balance on complete delivery. Of course, by the time it’s our third gig, all the terms are up for discussion.

Apologies in advance for possible misunderstanding of the problem here (I just arrived here yesterday), but you mentioned that the (physical) identity confirmation does not scale. Partially true, because a friend of my friend may be my friend too, and so the DAO web of trust propagates with every major DAO event and people introducing themselves, just like PGP key signing. One travel of anyone you met (and trusted) previously carries the trust further.

Without the established identity and the signing protocol of work, how can we be certain that the assignment was carried out by the person who committed to it, rather than by a (hired) proxy?

Also, in a recent proposal of today for Genesis 1.0 and generating REP on GEN stake, you can (and will) effectively “buy” the reputation for money, so the KYC term would be applicable, perhaps even mandatory?

To play devil’s advocate - who cares if an “assignment” was done by proxy as long as it was done? Why can’t I use my superpowers to subcontract work as I see fit, and then “sell” it to the DAO?

If it was disclosed within the proposal, I do not see a problem since it was voted upon with full clarity. Otherwise it was voted upon not knowing that the (unknown) 3rd party will be involved, so how could one assess the probability of a successful delivery?

I’m surprised that it is even controversial whether getting work useful to the DAO done involves efforts of others, paid or bartered or whatever, rather than only the direct labors of the one individual member. For a substantial contribution, I’m most certainly going to read a broad set of stuff online, look at previous work of my own, and of people and organizations I am affiliated with and so most familiar with their work, consult experts who may also be business associates.
Ask colleagues for feedback, maybe run it past experts in editing or graphical design. This is how quality work gets done always, so what’s the controversy?

In any case, with the upcoming institutional and investor participation in control over REP, the whole question falls away.

If it was disclosed within the proposal, I do not see a problem since it was voted upon with full clarity. Otherwise it was voted upon not knowing that the (unknown) 3rd party will be involved, so how could one assess the probability of a successful delivery?

That argument does not make sense. Are you saying that the DAO would fund me if I say I will do the work, but might not fund me if I say I will get the work done? Note the nuance in phrasing there. And how would you ever know the difference to begin with? If I am worth funding (however it is decided) then it happens and the work gets done…

The majority of services you order today are performed not by the individuals or organizations you contract with but by some employees, subcontractors, vendors, suppliers. The assurances are given by the provider, who assumes contractual and professional obligations, selects and oversees the job getting done and is responsible to you in several ways for the outcomes.
You need to decide whether you want the control of knowing every step and every participant up front, and most providers will not entertain such an option, as they service many customers and need the flexibility. Can you focus instead on getting what you want and handing the supervision to a qualified and experienced organization, always with caveat emptor?
My technique with meddling and controlling customers is to charge them more, to compensate for the added effort and trouble.

Haven’t been following every detail of this conversation, but I wonder if this distinction matters to anyone:

The current proposal says that all members should be identified by their “real name,” and it seems like many people are concerned with the implication that pseudonyms will not be allowed.

I wonder if a suitable middle ground lies in requiring social verification – asking applicants to connect their social media accounts, so those accounts’ human-ness and unique-ness can be confirmed. Social accounts can be under pseudonyms but still be fairly sybil-resistant, since you can easily check if an account has a human-looking track record and that no one else has registered using that account, and it’s also difficult for one person to maintain more than a few human-looking social accounts at a time (at least for now…).

This obviously isn’t a long-term solution for identity, but to me, allowing pseudonyms and requiring unique, human social media verification seems like an acceptable compromise for now.

1 Like

I second this alternative.

All I am saying is that I vote likely against if I have a reasonable doubt that the commissioned work is not delivered in full transparency. The simplest procurement process requires the disclosure of a 3rd party involvement. I understand and accept both yours and Walter’s point of view that the reputation of the provider is at stake, but the diligence of the voting party too. A successful delivery aside, think also of the unethical labour and whatnot, that a voter is (partially) responsible for funding in case the proposal is cleared.

Why doesn’t GenDAO instead make itself resilient against Sybil attacks by structuring the distribution of REP in such a way that makes such a “many accounts from one person” attack as completely stupid and useless as possible? I’m still unclear WHY “one person one account” (whether pseudonymous, real-name, or binary transform of genome) even matters.

Social media verification sucks for those of us who don’t play “follow my life” online. Real name sucks for those of us who want to maintain some privacy. So only if you are willing to completely alienate a particular (large?) swath of potential contributors (for what trade-off? I still don’t understand) should you move forward with either of these.

2 Likes

You may care about this, but do GenDAO’s operating principles and ethos? I don’t know the answer to that (which is part of why I ask the questions I do).

Yes! IMO that’d be the best course of action.
Not some questionable resistance but antifragility.

Actually, in the proposed changes to Rep distribution for Genesis 1.0, this is addressed… namely:

  1. you only get rep when you do work, no freebies
  2. the 2% cap is removed

I think both of these changes combined lead to the desired state…?

Was exactly typing that, indeed a rep for work, plus dilution over time would eliminate the fake accounts anyway. That, plus the linearity of voting power, meaning, multiple accounts belonging to the same person equal as if all votes were conducted by a single account, but that is already the case? REP =~ voting power?

This is correct.

The above is also an inherent property - as people propose or lock GEN, it dilutes existing owners over time.

Thank you for the elaborate reply. I wish I knew how to reply to multiple comments in one message… as I was saying within the reply to Ivan, I understand the responsibility for the outcome on the provider, however, I still would always ask myself the question: “will the funds be used ethically and lawfully for this project?”, especially, if I should accept the possibility of outsourcing. Does the (successful) end justify the means?

Totally valid point, IMO. This approach really only matters if Genesis continues granting REP the way it has been lately: people coming in and asking for it. If I can do this multiple times, I get more REP for free. You might loosely call this a “proof of unique human” REP system, since you get REP just for being a unique person, for the most part.

With REP systems that aren’t “proof of unique human,” like a stake-GEN-for-REP system (which is just modified coin voting), you’re right, this doesn’t matter as far as I can tell. The same applies to a do-work-for-REP system.

We should consider if Genesis 1.0 should continue using a “proof of unique human” system at all.

1 Like
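To make the linearity and dilution points from the last few replies concrete, here is an added example (not code from this thread, from DAOstack or from Alchemy) that models a REP ledger with constructed balances and hypothetical account names: under a per-account grant a contributor who splits into k accounts multiplies their voting share, whereas under REP-for-work the split yields exactly the share a single account would have, and any newly minted REP dilutes existing holders.

```python
from fractions import Fraction

# Constructed ledger (address -> REP); hypothetical names and balances,
# not Genesis DAO data.
HONEST = {"alice": 300, "bob": 200, "carol": 100}


def voting_share(ledger, accounts):
    """Linear voting power: the share of a set of accounts is their summed REP
    over total supply, so k accounts with r REP each vote like one with k*r."""
    total = sum(ledger.values())
    return Fraction(sum(ledger[a] for a in accounts), total)


def grant_per_account(ledger, accounts, amount):
    """'Proof of unique human' style grant: every account that asks receives
    `amount` REP, so each extra sybil account is rewarded again."""
    new = dict(ledger)
    for a in accounts:
        new[a] = new.get(a, 0) + amount
    return new


def grant_for_work(ledger, accounts, work_rep):
    """REP-for-work: one unit of delivered work mints a fixed `work_rep`, which
    the contributor may spread over any number of accounts."""
    new = dict(ledger)
    per_account = Fraction(work_rep, len(accounts))
    for a in accounts:
        new[a] = new.get(a, 0) + per_account
    return new


def sybil_gain(grant, k, amount):
    """Voting share an attacker obtains with k accounts divided by the share
    obtained with a single account, under the grant regime `grant`.
    A value of 1 means splitting into accounts buys nothing."""
    one = ["sybil0"]
    many = [f"sybil{i}" for i in range(k)]
    share_one = voting_share(grant(HONEST, one, amount), one)
    share_many = voting_share(grant(HONEST, many, amount), many)
    return share_many / share_one


if __name__ == "__main__":
    print("per-account grant, 5 accounts:", sybil_gain(grant_per_account, 5, 10))
    print("REP-for-work, 5 accounts:     ", sybil_gain(grant_for_work, 5, 10))
    print("alice before/after new work REP:", voting_share(HONEST, ["alice"]),
          voting_share(grant_for_work(HONEST, ["dave"], 100), ["alice"]))
```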