Open pinheadmz opened 3 years ago
Use as it is :)
I personally would be in support of both 2 or 3 (if we can get a majority of consensus from miners to move to it). One of the biggest problems with Airdrop I see is, most developers don't even know about handshake to know they have a airdrop, furthermore even if they find out Most won't bother setting up a domain (with the long 15 day bidding cycle) and might just exchange HNS for hard money (~$528), and it ends up with no benefit to adoption. I think distributing domains might have been a better call than distributing HNS.
At the same time, my views here might be biased, since I am already part of the community and do not benefit from the airdrop.
Interesting article, thanks for the heads up to the points raised. As a new Namer i'd first like to feel the fundamental status quo that has attracted me; a reasonable and important mission with (it seems) great growth potential.
However I have not yet found a HNS website with a Namebase TLD that works without issues (an MVP). Before i can think about soft or hard forks i'd like to know if what exists works. Or rather can i get what i can see to work on a production level environment?
1) http and https websites served without the need for browser add-ons 2) Server-side resolver solutions that secures the functionality of HNS websites in a generally sovereign way. 3) Risk assessment of the future battle foreseen with ICANN regarding mutual compliance and interoperability. At this apparently experimental phase I'd like to build on the worse case scenario to keep my/projects' expectations in check.
- "This assumption of trust is a really big, hard, jagged pill to swallow for many experienced cryptocurrency users who are accustomed to hard-money systems like Bitcoin."
Returning to your article, suppose the airdrop was done in an un-respectable way, with poor efficacy, does "Do nothing" break the developmental capacity of the Handshake project's mission?
"Deploy a soft fork and freeze the airdrop" sounds like a road to confusion, at least in the short run, that's a really big, hard, jagged pill to swallow for me as I have not yet found a HNS website with a Namebase TLD that works without issues.
Hard fork! Wouldn't that obviously break the whole project or at best displace its growth potential into a whole other era? I have just arrived, if i had come and found the project going through a hard fork i wouldn't have stopped to get involved.
From your article i am now wondering if the Handshake core development team have, in your opinion, left themselves short of resources for the dynamic development of the mission. Is this your concern? Or do you have concerns about the ethical integrity of the Handshake founders?
I'm new, ready to work and keen to learn more of where this has been and is (by consensus) going.
It's an interesting problem. I think "removing the supply" is not dissimilar to what happens by default if the founders are trustworthy... most of the coins never get claimed anyway. However it does change perceptions of the token value and effectively multiplies the relative portion of supply each HNS holder controls. This seems like it could unfairly benefit the folks with large allocations already. The system was designed to give them a small but significant slice of the pie, and we'd be giving them the bulk of the pie instead, perhaps. I think having a re-do on the airdrop distribution somehow would probably help promote adoption and help distribute the coins in a more fair way. I don't know what the strategy would be exactly or how it could mitigate intentional exploitation or an appearance of unfairness. It could also undermine trust in the ecosystem's decentralized nature if e.g. matt and a few other people end up effectively controlling this process, especially if it ends up going into a dev fund or whatever. Another consideration is that any big boost in liquidity will likely tank the market price and alienate price speculators. All that said, I'm a little bit partial to redistributing the wealth somehow, perhaps just some sort of better-planned version of the original OSS developer airdrop, maybe aiming to be more inclusive of projects outside of github, better-announced, etc. — and the idea of distributing names instead of coins (or just coins) also appeals to me, but I suspect there'd be more room for contention over who gets what if they're based on handles or email addresses or anything like that, or else they'd have to be sort of nonsense strings which might not be viewed as useful/valuable.
Thanks for creating this issue. I vote for deploying a soft fork and freezing the airdrop.
I think the main goal of Handshake should be simple: make a decentralized and secure naming system root zone
That's the one and only mission and every decision should be based on this.
So taking unknowns out of the code supports this.
Gifting coins to a centralized foundation would be opposed to this mission.
Do nothing. The wisest choice that doesn't break social contracts.
I thought the code right now will not accept airdrop claims after genesis + 1 year + 1 month?
I thought the code right now will not accept airdrop claims after genesis + 1 year + 1 month?
@sai7o no, the rule you are thinking of only disables Goosig - an optional cryptographic blinding factor available for certain types of airdrop claims (RSA specifically). Even after "goo-bye" all airdrop recipients using RSA keys will still be able to claim, it will just reveal their public key. See https://github.com/handshake-org/hsd/pull/305
Would 100% be in favor of hard forking to end this issue. This needs to be fixed. It’s a major issue for me, and I’m a long time lover of Namecoin and all decentralized DNS blockchain projects.
@pinheadmz if we do nothing then no goosig claims will be accepted in 1 month? supply is audit-able for all non-goosig claims?
Even after "goo-bye" all airdrop recipients using RSA keys will still be able to claim, it will just reveal their public key.
This needs to be fixed. It’s a major issue for me
What's the issue?
I'd say do nothing.
Handshake as a DNS works fine. The $HNS (money) exists to be the incentive for miners, which is also works fine. The airdrop strategy was designed to invite more developers, which worked for me.
Just the possibility of a fork (soft or hard) kind of damages the image of HNS.
you trust them to have distributed these funds to 216,199 individual open-source developers
Do you believe this is already affecting HNS' image?
@pinheadmz if we do nothing then no goosig claims will be accepted in 1 month? supply is audit-able for all non-goosig claims?
@sai7o that just applies to RSA signatures. ECDSA keys are still blinded using a "tweak" which is not brand-new cryptography invented for this project and so it is was never scheduled for deactivation. Even if it were, the airdrop tree would still not be auditable as a whole - we would have to watch the chain and every time an exposed public key was used in a proof, we would have to check it against GitHub data which would have to be stored... on every full node I guess? I'm not even sure if the original data is still available and I think it would have to be to ensure that all airdrops are from qualifying recipients:
From https://github.com/handshake-org/hs-airdrop#privacy
To solve the privacy issue in a non-interactive way, a 32 byte nonce has been encrypted to your public key (you will have to grind a file full of many ciphertexts to find it). For EC keys, this nonce is treated as a scalar and is used to derive a new key from your old one. For RSA keys, a much more complicated setup is necessary. In either case, once your new key is derived using this nonce, you will be able to find its corresponding leaf in the merkle tree published above.
Publishing a signed airdrop proof using this method does not leak any information about your actual identity.
The full list of keys will be destroyed upon mainnet launch. Plaintext nonces are not saved at all during the generation phase. The ephemeral keys used for the ECIES key exchanges are also not saved.
I'd say do nothing by now. CAn we purpose a soft fork in, for example, 5 years in the future?. It's enough to spread the word between devs and they claim airdrop. Actually I'm trying it with a lot devs i know. Do a hard fork or premature soft fork will decrease the HNS image a lot, in my opnion. Thnks
Thanks Matt for raising this issue. I'd be just as excited about Handshake with any of the options outlined given sufficient community support.
Generally, I loved the idea of widely distributing HNS to individual open source developers in a private manner. It was unique, innovative and experimental. Morever, it felt fair. With claims stalling, it's not clear if/when more will claim. Further, I question whether "free money" translates to "skin in the game" the way one would think it would. e.g. people seem way more excited about $GME compared to stimulus checks.
A possible unintended consequence to expiring or hardfork-ing the airdrop is it would drastically increase the proportion of mineable coins compared to max supply. Because the airdrop is currently the vast majority of the supply, eliminating it drastically increases the proportion of mineable supply. Perhaps a simultaneous halvening of sorts might suffice is mitigating this effect, but I suspect this is only possible with a hard fork.
Perhaps a simultaneous halvening of sorts might suffice is mitigating this effect, but I suspect this is only possible with a hard fork.
@2drewlee actually, reducing future mining subsidies is a soft fork because that is tightening the rules. Subsidy rewards are checked with a >
and so an early halvening would be backwards-compatible.
Option 2 with the addition of mining rewards reduced.
Let me start by saying this whole situation is very unfortunate and we have to make the best of it. As was mentioned above, the whole purpose of Handshake is to make a decentralized naming service. We should remove any unknowns.
While I understand there are now concerns about early recipients having a large piece of the pie, it is still the best of a bad situation and is preferable to "trusting" that the remaining supply is properly allocated.
Having any level of trust is a big no no in any blockchain. Even the most casual observer would understand this. Security, stability and predictability are 3 principles that have elevated Bitcoin to the status of respect it has. We should seek to uphold these values.
I am against Option 3 unless the community can come to a consensus on how this new distribution method can occur trustlessly and who the beneficiaries should be.. However, I predict this will introduce too many unknowns and inevitable politics around the latter question. We should leave the experiments of DAOs and on chain governance to projects like Ethereum. I am especially against it being anywhere near the root level.
First, thank you Matthew for bringing this issue to the community's attention.
Option 3 is off the table for me. What if we end up with two chains?
Option 1 is also off the table for me. I trust the founders of Handshake 1000%. I do. But I don't want any part of Handshake being entrusted to anyone, especially not the 952,000,000 HNS airdrop. Isn't the point of Handshake - isn't the point of any crypto project - to be trustless?
It has to be option 2. Yes, it sucks that we will be losing the airdrop; I thought the airdrop to FOSS developers was a brilliant idea. But look at what we gain, or rather lose: trust.
Don't trust. Verify.
Here's a good question to ask yourself. If you've been a member of the community for more than three months ask yourself this:
Which of the three options above do you think the founders of Handshake would opt for?
I like option 2. However, a lot of the communication about handshake on online forums like hacker news and reddit has emphasized this global airdrop to open source developers. I know at least one developer that recently claimed tokens even though they knew about this airdrop for more than a year. It takes time for news to spread and for people to act on information. If we go down the path of a soft fork, I think setting a future date, at least a year out (maybe more), would make sense.
Here's a good question to ask yourself. If you've been a member of the community for more than three months ask yourself this:
Which of the three options above do you think the founders of Handshake would opt for?
@81jpayne you have an answer from at least one founder already
The question I hope users ask themselves (and anyone who saw an article on Hacker News) is "would you buy a fancy new cryptocurrency with a 70% premine, the majority of which probably but unverifiably went to open-source developers?" Because that's in the "fine print" of our social contract.
We should leave things as they are to preserve Handshake optics, honor the original project goals, and reaffirm trust in the airdrop tree in the face of FUD (more on this below).
With community consent, a coin distribution can occur worldwide to double the money supply via a hard fork and give that doubling to everyone in the world (7 billion people as a goal). This is only useful with sufficient value in the coin, with a target of $50 billion USD as a trigger. This can be triggered by the aggregate value of Handshake, or an aggregate value of all coins committed to worldwide distribution.
By constructing a mechanism with coin distribution to FOSS developers with no expectation of return, this creates a complimentary system whereby individuals building FOSS software are able to build software for the commons while also having majority ownership and economic benefit of co-creating this system during the development phase, there is simply an incentive to participate and create a valuable system for developers who own the coins.
A
be the set of deserving recipients and B
be the set of actual recipients.C = \forall x\in B : x\not\in A
.D = \forall x \in A : x\not\in B
x\in A
, they will be unable to claim with probability |D|/|A|
n
deserving developers, of whom m
fail to claim, and estimate |D|
as (m/n)\times |A|
|D|
and see that as n
grows, you very quickly get quite confident in |D|
|C|
is small but this section is already so irrelevant I'll save you the spamFully agree with @turbomaze.
Satoshi may have cpu gpu mined 1 million coins. Founder allocation fuzziness immaterial.
It seems to me that the chief concern here is the complaint that HS violates the principle of a zero-trust cryptocurrency, because a large chunk of its value comes from an unverifiable source and is therefore not properly trustless.
I wonder, though, how big of a problem this actually is. Yes, there are definitely people out there who believe so strongly in that principle that they wouldn't touch HS with a ten foot pole unless it were to get rid of it. But I think that a significant majority of the people who will end up using HS, if it takes off, won't be very worried. After all, anybody who's using DNS right now is implicitly trusting the (very few) entities who actually control the root DNS servers.
And the airdrop provides a pretty significant advantage, in that many people who stumble across HS will discover that hey, they actually have a stake in this, and maybe they should start messing around with it and see what happens.
A second advantage is that the airdrop can actually act as a stabilizing influence on the price of HNS: if the price goes up, more people are incentivized to claim their airdrops, increasing the amount of HNS in circulation and bringing it back down. I think this is a good thing, since price volatility tends to be a barrier to cryptocurrency adoption.
So, in summary:
I've been aware of HS for less than a month, but it's the first thing I've come across that looks like it actually stands a chance of replacing the centralized architecture of DNS. In my opinion freezing or reversing the airdrop would do more to hinder the adoption of HS than it would to help. (for all the weight that my opinion carries, as someone who found out about HS less than a month ago. :P )
People need to stop being scared of hard forks. Us in the Monero community have been hard forking once a year for six years. It’s not a big deal. Yes, there are a bunch of useless tiny forks of Monero still being mined but nobody uses them.
The difference between Moneros hard forks and the Bitcoin/BitcoinCash split is contention. If Handshake cuts off the dev share, will an army of users and devs go off into the distance to continue the project on their own term? Certainly not. Monero even switched its PoW to cut off GPU mining (because RandomX is ASIC resistant), and after a few weeks of grumbling everyone came together, and today 99.99% of the community has consolidated around the main project fork.
There is no social contract with a project this small. There is only the devs of the project. What do YOU feel is right? Do that. Everybody else will just accept it and move on, and if they don’t they’re free to create “Handshake Classic” et al and try their hand at that.
@SomaticFanatic "contention" is precisely why I opened this issue.
With 18 participants in just a few days it seems like option 1 has slightly more support (although not everyone made a clear vote). A few participants sound like they would be "ok" with option 2, and a few more participants sound more strongly in favor of options 2 or 3.
I'm going to leave this issue open, maybe forever, and we'll see if community sentiment changes over time. Ideally we'd get a lot more responses and hopefully some input from non-English-speaking users as well.
At this time, I'm going to interpret the comments so far as a signal NOT to write a pull request for a soft fork that freezes the airdrop, and just prioritize everything else I'm working on and reviewing other PRs, etc.
This does not mean that I would strongly oppose someone ELSE writing such a patch for hsd, or even trying to convince the community or mining pools to run such software, I'm just not going to do that myself at this time.
after catching up to the various arguments, i'm still squarely on the fence about this.
the point about trustlessness is i think a valid one, but as others mentioned, maybe not the driving force for this project that it would be for others.
the points about forking vs not forking, i'm not so clear on. i don't see anything wrong with forking especially when the community is young and small, while it's still practical to achieve with relative efficiency. some details of HNS design seem to have been intended to be forked based on how things progress with adoption, e.g. the reserved names cliff at 4 years. it's only a problem if they result in substantially competitive forks, which would require community division on these issues. if and when some broad consensus is ascertained about this kind of decision, that's how blockchain systems are supposed to make improvements over time. if there's no strong community consensus, then it probably shouldn't be done. a github thread is probably not the right way to figure that out, but it's a good enough starting point for weighing the arguments at least.
i'm not convinced writing a fork PR ahead of a high level decision is a good use of resources unless it's something that could be time-sensitive to resolve quickly when some incident occurs. i'm not sure whether this is one of those.
for now i tend to concur with leaving it alone as-is, since we can expect more FOSS devs to claim as HNS exposure grows and that's generally a good thing.
Option 2 doesn't solve anything. If you are operating under the assumption that founders control 70% of total supply, the profitability of executing a 51% attack to claim will only increase over time. If this were to happen, presumably we end up hardforking out the airdrop anyway so all we really did was deny FOSS developers the money they were gifted.
I agree with @SomaticFanatic that forking is not inherently bad and we should even look on it positively since we are actively improving the core protocol in a verifiable way.
Personally I don't care between option 1 or option 3. I lean towards 1 for similar reasons to @jfmontanaro. Even if 70% were claimed by founders it doesn't change anything about the Handshake DNS system. The only people that get hurt are speculators and they took that risk or should have done better research. If we do go with a hardfork I think it would be better to incorporate value adding features into the process (e.g. confidential bids or native trustless subdomains) since this isn't time sensitive and we don't have to coordinate an extra hardfork.
I want to state that I think Namebase has too much economic incentive here and their opinions should be carefully examined. The best move is to respect and trust the creators of the chain, and verify where you can.
Forking to change the distribution at all shows a strong misunderstanding of blockchain governance, and it is a spit in the face of those who thought mindfully on how to ensure Handshake's success long term.
Stop trying to change the economics to benefit some in-group that wants more influence in the short term, because they didn't create it and desperately seek validation. That's all this is. Anyone seriously discussing this is a danger to Handshake.
This is why we need a second full client implementation ASAP so HSD maintainers don't get brave and become tyrants of ego.
The code is stable and serves the intended functionality. The air-drop is an integral part of this architecture and it will contribute to the ecosystem in many unimaginable ways. Unless until majority of earth's population doesn't vote to make any change it should not be implemented in any kind of fork. So I request to let it be as it is.
Background
Handshake was launched with a massive airdrop for open-source developers. It "supposedly" includes public keys of 216,199 GitHub users that met certain qualifications at the time that the project founders computed a snapshot from GitHub's public API. The airdrop was pre-allocated 952,000,000 HNS from the total maximum money supply of HNS, around 46.6% of the total 2,040,000,000 HNS
MAX_MONEY
The Problem
There is no way to verify that the Handshake airdrop tree actually contains all of the keys the project founders claim it does. Even if the massive amount of scraped GitHub data was presented to the community for review, the airdrop also employs a novel cryptographic blinding factor which would still prevent auditors from verifying the final merkle tree root, which is a hard-coded mainnet consensus parameter. It's also worth noting that downloading this data from GitHub takes several days and anyone ambitious enough to repeat and verify the process would probably have had to have done so at the exact same time as the project founders, in case any GitHub users updated their profile during the process.
If you are a Handshake user, you implicitly accept that almost 50% of the total money supply was essentially trusted to the project founders, and you trust them to have distributed these funds to 216,199 individual open-source developers without adding in any "extra" keys for themselves or any other non-qualifying recipients.
This assumption of trust is a really big, hard, jagged pill to swallow for many experienced cryptocurrency users who are accustomed to hard-money systems like Bitcoin.
Current Data
As of block height
51407
, 4,671 airdrop proofs have been confirmed on the blockchain, generating a total of around 19,833,066 HNS. Almost all of these proofs were confirmed before block height 10,000. These days, airdrop proofs are just barely trickling in.The Faucet
The airdrop also included an opt-in faucet where users registered on handshake.org. Their keys were removed from the GitHub airdrop to prevent duplicate rewards. There were 1,149 faucet airdrop recipients. But unfortunately these rewards were mixed in with the project sponsor rewards.
The combined list of recipients contains 1,358 addresses, distributing a total of about 237,412,586 HNS. 100% of the faucet proofs were mined already because they paid miner fees but required no signature. So they are already on the blockchain. But have their recipients actually "claimed" these rewards yet? I ran a script over this list and found that as of block height
51407
, only 270 of these outputs have been spent (moved / claimed) which corresponds to about 72,198,479 HNS. This data could be improved by checking each recipient's value but for current purposes, we can include the sponsors in the mysterious pre-allocated coin supply.Reserved Name Claims
This is related to the airdrop in that we can apply the actions below to reserved names. However, the reserved name claim system IS completely verifiable and there is no mystery about it. If the community wants to change how claims work that can be discussed as well but it is a different problem than the un-verifiable airdrop. It's been a while since I checked but so far there have been around 1,500 reserved names claimed on the blockchain, generating around 5,000,000 HNS. The complete reserved name list has about 90,000 names and is allocated 204,000,000 HNS
Actions
Most importantly, I just want all HNS users to realize this is a property of the current system. There are some things we can do with enough community consensus. The community may even change over time and revisit this issue in the future if more "hard money people" come on board.
Do nothing. The community accepts this property of the system, and trusts the founders. Users looking for "hard money" have plenty of options (like Bitcoin) and maybe Handshake just serves a different enough purpose and this is OK.
Deploy a soft fork and freeze the airdrop. This means airdrop proofs submitted past a certain block height will be invalid in the mempool and in blocks. If this were enforced today, the total maximum HNS supply would be almost cut in half immediately. Anyone who claimed their airdrop before this height would be unaffected. We will have to assume all the airdrop proofs already confirmed on the blockchain were from honest, qualifying recipients. A soft fork is deployed by releasing a new version of hsd with the new rules programmed to trigger at a certain time. If a majority of miners run the new software, they will effectively "censor" all future airdrops. Older versions of hsd will still function completely normally and can even attempt to submit airdrop proofs, but they will never be confirmed.
Deploy a hard fork. A hard fork means 100% of all hsd nodes MUST upgrade to enforce new rules. All relay nodes, all miners, all public resolvers, all exchanges, every single Bob Wallet user. If the new rules are contentious at all and the old rule set still has some hashpower behind it, there will be a chain split and we'll end up with two Handshakes (like Bitcoin / Bitcoin Cash and Ethereum / Ethereum Classic) -- and two HNS root zones! A hard fork can do all kinds of crazy new things though, for example:
Redistribute the value from the airdrop into a fund (for developers, marketing, whatever...)
Replace the current airdrop with some other distribution mechanism that can be publicly verified
Further Reading
Understanding the Handshake Airdrop and Reserved Names
FAQ: What is the coin emission schedule for HNS?