Networks of trust / decentralized trust

[djangobits]

Had seen the discussion (of verticalcryptoart) yesterday with the topic of (local) subcommunities and also thought a lot about decentralized verification. Imagine, you could 'link' your own address to another address in the sense of that link would mean 'I trust you'. So you simply send off a link operation and a smart contract records that relationship. You could at any time unlink yourself of a person you previously linked yourself to, if you think they do not deserve your trust any more.

Slowly networks of trusted relationships would form along the already existing social connections established in real life or on public platforms. On OBJKT portals like hicetnunc.xyz, the UI could be extended, so you could show:

1) if you are linked to a creator (a level 0 link from me to that creator) 2) how many links away a creator is (eg he is linked to a person I am linked too that would be a level 1 link) 3) if links are mutual (she linked me and I linked her) 4) show special feeds of people I am linked to 5) special feeds of people I am a maximum of n links away 6) special feeds of people with at least n incoming links

Note that the links are unidirectional but can be mutual.

The community would also be visualizable in community clusters or trust clusters. And it's actually how it works today, except that we are creating trust networks in real life or via Twitter or other platforms in a conversational way.

[djangobits]

And speaking about the idea of crediting if you reuse artworks of other people, that linkage could also be made for OBJKTs. You could simply put one or more links to other OBJKTS.

[mescalina]

Sounds like a genial idea to me. You should develop it, it could be a standalone service that anybody could you to build up a trust score of addresses.

[EMES77]

That's a great idea. I've seen something similar in the Pi Network. They call it Security Circle and it's actually their core element of trust in building the whole network.

[somaticbits]

Yes, I love that idea, I'm transferring from Discord for that - so the bad actors would create their own bad network. Actually it could also be interesting in terms of experimentations.. Like creating interactive on bad actors and let them eat themselves (I'm just rambling here)

Anyways, how would that look visually? a score? And what happens to the new creators, or the ones who want to stay anonymous? Just putting thoughts out there

[djangobits]

@somaticbits my real name is not Django Bits, so it's possible to stay anonymous and connect to other people, but of course it needs a minimum of social interactions. But it would even be enough to have a website, where you publish your hicetnunc profile. So people can verify and if they trust it, they might link to you. So anonymity shouldn't hinder it.

And yes, we evolved the idea a bit on discord to see it from the bad actors view. In order to have sales on their pieces, they would try to get incoming links of people who are already trusted in the community (but they can loose them again, if exposed and ppl decide to remove the trustlink). They could set up sockpuppet accounts and building up incoming links. That would probably hurt a feed that displays the most "trusted/linked" accounts, but it wouldn't hurt a feed that shows eg all accounts that are n levels of trust away from your own account. So if they create such sockpuppet accounts or start collaborating, a relatively separated network of bad actors accounts could form, which could be identified and isolated in applications (if that is what people wish).

Just think about how trust forms in hicetnunc now: 1) people already know each other from physical live or online interactions 2) or they check artists profiles to see if they might be legit. Then they try to keep track of those who they deem to be legit and trustworthy. It's exactly the same. There could also be qualifiers of the amount of trust you have towards somebody, but I don't think it's necessary.

[somaticbits]

I'm always wary of scores as they push a certain kind of competition, and it would probably be the same in this case (who would be the more trusted? weird but probably a real scenario) - so I agree to avoid qualifiers / quantifiers of any sort.

So would that mean we would have different types of feed, categorized by the n levels of trust? Or would those feeds with the lowest levels just be hidden until they either improve or just fade away?

[jacksonzumdish]

I think what you are describing is BrightID.

https://www.brightid.org

This was funded by and subsequently integrated in gitcoin.co

[EMES77]

To avoid overambition and too much competition the maximum number of trusted links could be limited to, say 6. If you have 6 links you are trustworthy 100%. And nobody would get into cpetitively collecting trust-links...

[timtrautmann]

Back in the days where PGP was a popular thing amongst some people in the tech community, we held PGP key signing parties. I could imagine that that works in this scenario as well. https://en.wikipedia.org/wiki/Key_signing_party

[djangobits]

To avoid overambition and too much competition the maximum number of trusted links could be limited to, say 6. If you have 6 links you are trustworthy 100%. And nobody would get into cpetitively collecting trust-links...

But would that mean a bad actor would only need 6 incoming Trustlinks to get a trusted flag?

We should not really focus on counting Trustlinks. You could do that but the plain number is not relevant at all. It's just relevant if a user is in the chain of Trustlinks from my own user. The UI would need to dynamically show if a user is in the chain of Trustlinks that start from my own outgoing Trustlinks. And you could set to how many levels of trust you want to accept someone as trusted. I could set only 0 levels to be trusted (my own Trustlinks) or I could select level 1 which would mean that I also accept users who were accepted by my trusted users. And so on.

[EMES77]

To avoid overambition and too much competition the maximum number of trusted links could be limited to, say 6. If you have 6 links you are trustworthy 100%. And nobody would get into cpetitively collecting trust-links...

But would that mean a bad actor would only need 6 incoming Trustlinks to get a trusted flag? We should not really focus on counting Trustlinks. The number is not relevant at all. It's just relevant of a user is in the chain of Trustlinks from my own user. The UI would need to dynamically show if a user is in the chain of Trustlinks that start from my own outgoing Trustlinks. And you could set to how many levels of trust you want to accept someone as trusted. I could set only 0 levels to be trusted (my own Trustlinks) or I could select level 1 which would mean that I also accept users who were accepted by my trusted users. And so on.

Ah Yes! I thought if trustlinks are "earned" by knowing each other from somewhere else bad actors wouldn't get 6 trustlinks. But maybe even those could flock together to get an amount of links... Following a chain of trustlinks to a level everybody can define sounds like the better way to go!

[djangobits]

These links would be unidirectional (except two people created a link to each other). So it doesn't matter from the users perspective how many people link to you. It only matters where the outgoing links point to. These target users will be accepted as trusted users. It's something each user has to actively curate. But he can profit of other people's outgoing Trustlinks if he says that he accepts level 1,2,3 Trustlinks. The more levels of trust he accepts, the higher the risk to see a bad apple as a trusted user. But the UI could inform you what level of trust a user, counted from your individual user, has.

Eg. "This wallet has trust level 5" so better check if it's trustworthy.

[djangobits]

That's a simplified chain of trust. In this case, if User E is a bad apple, I would only see his wallet as trusted, when I set the trust level I want to see to 3. In this case the UI would tell me this user has trust level 3. If my setting is set to max trust level 2, all wallets below 2 would be marked as outside of my circle of trust. And I could probably choose to not have these artworks displayed at all, or I could just do whatever I want (eg buy the token and ignoring if that user is trusted or not).

[djangobits]

getting more complex, it could look like that. So if I set my circle of trust size to 1. I would see the green and yellow users as trusted, but the UI would indicate if they are level 0 or 1. All below and inclusive of level 2 would be displayed as not trusted (which doesn't mean it's a bad actor, it simply means that it's outside of the level of trust you have set. By investigating and creating a new link o trust to a formerly level 2 user, you can add him/her into your circle of trust.

[djangobits]

The lazy people who are too lazy to create trustlinks, could simply trust a user they know is very serious about checking who is trustworthy and rely on his/her judgement. In the above example user A profits of all trustlinks that ME has created if he sets his circle of trust to a size of 1 (level 0 + level 1). The UI could even be extended, so you could see which of your trusted users have trusted a previously unknown wallet.

[djangobits]

It would be a tool to give the user power, not to ban bad apples per se. Not restrictive, but empowering. Pulling the data together upon loading a page or a piece, might be a bit of a task here... lol.

[EMES77]

It would be a tool to give the user power, not to ban bad apples per se. Not restrictive, but empowering. Pulling the data together upon loading a page or a piece, might be a bit of a task here... lol.

I like that approach a lot! It's open and nobody is excluded. The UI could be on hicetnunc's profile-pages where you simply click a "trust this user" button. I have to admit that I don't have enough knowledge of blockchain-tech. I still think in databases... Do i understand it right: If these trustlinks are smart contracts, this tech could even be accessed by other NFT platforms right? Then it could make NFT trades much more secure all over tezos, right?

[jacksonzumdish]

What you describe is literally what https://www.brightid.org built...

They even have an interactive 3D trust map in the app...

[djangobits]

@EMES77 Trustlinks could be implemented via smart contracts and yes, then it could be used by any other application or portal. There are data structures available. But queries might be tricky to do efficient, the deeper you want to query these trust chains.

AFAIK @crzypatchwork did try to not use external centralized databases, so a smart contract integration would make sense it it's possible to query it efficiently.

@lardnicus I understand. But the system should be accessible from our wallets, means built on Tezos. To set a trust link, you would have to trigger a set_trustlink operation or so. Also, how I understand it, BrightID needs to have a real verification (KYC style). That's far too much IMHO.

[jacksonzumdish]

They have an API as far as I know to integrate it, Gitcoin use it to keep the platform sybil-resistant. I mean if you wanna build it for fun I get that, I have done as much in the past, but what you describe is literally what it is...

https://dev.brightid.org

[murbard]

Look up SybilGuard and SybilInfer.