[HN Gopher] Update on beta testing payments in Signal
___________________________________________________________________
Update on beta testing payments in Signal
Author : tosh
Score : 126 points
Date : 2021-04-13 18:49 UTC (4 hours ago)
(HTM) web link (signal.org)
(TXT) w3m dump (signal.org)
| FlyingSnake wrote:
| What a handwavy article full of stuff that's not addressing the
| real issue in discussion; collusion with MobileCoin.
|
| WhatsApp management must be really happy with this sudden move
| from Signal. Signal has lots of detractors who would like to
| discredit it, and Moxie and co. just handed it on a platter to
| them.
| bilal4hmed wrote:
| Many of my friends and family moved back to WhatsApp after the
| massive two day down time Signal experienced after the huge
| inflow.
|
| That too was so mysterious and moxie never gave a proper
| explanation why it took them so long to recover the service.
| StavrosK wrote:
| He didn't? I'm pretty sure I saw one, the explanation had
| something to do with a retry strategy stomping the servers
| IIRC.
| Vinnl wrote:
| What they've not addressed:
|
| - Moxie's involvement with MobileCoin (could be as simple as
| saying: "for the same reasons Signal's interested in MobileCoin,
| moxie is as well").
|
| - The concerns about regulatory risks/attention involved with a
| cryptocurrency integration.
|
| - Why it involved hiding the server source code.
|
| The idea of privacy-friendly transactions easily available within
| an app I'm already using is attractive, but I very much hope the
| obvious concerns won't play out in practice (which time will
| tell), and it would be good if they'd also addressed the above.
| SuchAnonMuchWow wrote:
| Also: why Mobilecoin, which is as far from "an alternative
| payments infrastructure" as most other cash-grab cryptocurrency
| ?
|
| It isn't known how much of it was premined, and from an early
| version of their whitepaper, the founders might have as much as
| 80% of the total supply of the coin. This isn't fine for a
| cryptocurrency which aims to be "an alternative payments
| infrastructure", and it isn't fine for Signal to try to promote
| them as such.
| hiq wrote:
| > - Why it involved hiding the server source code.
|
| My guess: to reduce the noise and speculation. Much better to
| deal with it now that there's something to be gained (feedback
| from beta testers and actual deployment). There was little to
| gain before, since the server accepts very few contributions
| anyway.
|
| I wander enough on GH to see how much time big open-source
| project maintainers spend addressing toxic comments. Open-
| source is nice when you get relevant contributions and
| constructive feedback, but it's really not free, you have to
| deal with all the rest as well.
| mplewis wrote:
| If you're not willing to be open with your source, don't
| market your software as open-source.
| rOOb85 wrote:
| ...there code always has and continues to be open source.
|
| Is there some law that states a project must publish X code
| changes in Y timespan?
| dogecoinbase wrote:
| In this case, they not only didn't update with changes,
| but didn't address specific concerns about known
| vulnerabilities in their outdated repo:
| https://github.com/signalapp/Signal-
| Server/commit/3432529f9c...
| fastball wrote:
| Well take it further - is is still open-source if you
| update the public repo once every 10 years?
|
| For the vast majority of people, OSS in 2021 means having
| a public repo hosted somewhere that all commits are
| pushed to, or PRs are made to. Periodically updating a
| public repo with changes made to a private repo is not
| really what people have in mind.
| jefftk wrote:
| The biggest example I can think of projects that worked
| this way was how WebKit and Android would publish code
| dumps with every release. You can't go longer than that:
| if you put out releases without updating the source
| you're not open source.
| cptskippy wrote:
| Were they updating the Server during the periods where
| the public repo wasn't receiving updates?
|
| That's like requiring a developer to push their local
| changes hourly/daily for a task that's been committed to
| but not completed.
| SuchAnonMuchWow wrote:
| It is not about how often you update your project.
|
| To be open source, you need to publish the source of
| applications you run. It's as simple as that: "we
| developed this app, and it's running on our servers, and
| the source can be found here".
|
| They kept updating their server app for a year, without
| publishing their source. This is not open source. Signal
| server code was not open source for a year.
| geofft wrote:
| Isn't the allegation that they made changes to the
| deployed version of their production server that were not
| pushed to the GitHub project? (i.e., that they stopped
| updating the server repository for around a year, but not
| just implausible but contradicted by evidence that they
| never changed the server code for about a year?)
|
| If so, then the code quite simply is not open source by
| any possible definition. I agree with you that a project
| that is dormant, or even receiving _internal_ development
| that is still under review, can defensibly be called
| "open source" even if the development isn't happening in
| the open. (For instance, your favorite begrudgingly-GPL-
| compliant hardware vendor who releases .zip files every
| time they release a new product is releasing "open
| source" code.) But if the source code to the Signal
| server isn't even published, it can't be open.
| alpaca128 wrote:
| > My guess: to reduce the noise and speculation.
|
| Why do you think more transparency would lead to noise and
| speculation? Exactly the opposite is the case. They could
| have gone the open route and maybe even gotten help from the
| community at implementing their payment feature.
|
| But the way they did it they left everyone wondering whether
| their server is now spyware or what other reasons there could
| be for them to not update the public repo.
| geofft wrote:
| OK, I have what is probably a silly question: Why is it a good
| thing for this wallet to be non-custodial?
|
| As far as I can tell, this massively changes the user experience
| around the security properties of using Signal. For Signal chats,
| I have one of two options:
|
| - Default behavior: I trust the Signal network to verify my
| contacts via SMS and notify me if the physical device changed,
| and I rely on my social connection with people to know if they're
| getting a new physical device (e.g., if someone says "I'm
| stranded in a foreign country and I need immediate help" from a
| new device when they have neither new phone plans nor travel
| plans, I'll be suspicious)
|
| - More secure behavior: I verify safety numbers out of band,
| e.g., in person
|
| Optionally, my contacts (or I) can make things more secure than
| SMS by adding a PIN.
|
| This is great. This is not the level of security I'd need in
| order to commit treason against my government and win so the
| history books don't call it treason, of course. But it's a far
| higher level of security than letting Google / Facebook / AT&T /
| etc. see all my messages, _and_ it remains usable. As a practical
| threat model, it 's a very good level of security for attorney-
| client communications, labor organizing, etc.: it's easy to keep
| a bunch of folks who aren't crypto nerds reasonably secure and
| private against attackers who don't have a zero-day research
| team. If one of those non-technical folks loses their device,
| it's pretty easy to decide whether to let them back in.
|
| With a non-custodial wallet, Signal is saying that your money
| doesn't work this way. It's protected by some other private key
| on your device completely unrelated to Signal.
|
| First, what is that mechanism? The MobileCoin website
| https://www.mobilecoin.com/ says, as its very first feature: "
| _Easy wallet recovery - Securely recover your wallet if you lose
| your phone, without trusting a provider with your private keys._
| "
|
| That sounds great! That sounds like it lines up with the Signal
| model, I think. How does it work? Do I need to hold on to a
| recovery key or something?
|
| I see absolutely no information in the repo about how.
|
| If Signal is going to implement a money-transfer mechanism, it
| feels to me like it should work like Signal - I should have a way
| to get back on board if I lose my device. I should be encouraged
| to have some place I trust more than Signal (just like I'm
| encouraged to trust in-person conversations more than Signal),
| and I should be able to wire money out. Honestly, I think this
| matches Signal's practical threat model / use case: if I text a
| friend saying "Actually can you PayPal me at this new address"
| via Signal, they're generally going to do that, if it came from
| my Signal account. So there already isn't a particularly stronger
| way to safeguard money than the safeguards on Signal
| conversations itself.
|
| Am I missing something in this reasoning? It seems like they
| adopted this design because it makes sense _for a cryptocurrency_
| , but it doesn't seem like it makes as much sense _for a cash
| transfer mechanism within a chat app_.
| 40four wrote:
| I don't use Signal, nor do I really know much about this
| situation. But on a quick glance, it sort of reminds me when
| Keybase added Stellar Lumens wallets.
|
| Of course, a lot of the friction with Keybase & Stellar was due
| to the magic 'airdrop' of coins, and all the craziness & flood
| out outsiders not interested in the Keybase mission itself.
|
| But, the part that stands out to be, is many of the long time
| users or 'die hards' being very vocal about their distaste for
| the move. They say it doesn't fit here, or 'we don't need this',
| or whatever.
|
| But the way I see it, who really cares? Some people will use it,
| some will ignore it. But if you're a dedicated Signal user, and
| you don't need or want this, why can't you just keep using Signal
| the way you are now and not let it affect you?
|
| Why does everything have to be some big philosophical nightmare
| when a feature you don't care about gets added?
| verytrivial wrote:
| Trust. No one's judgement will be impaired by bolting a GIF
| pack onto a messaging app. VC-backed crypto wants a seat at the
| table and want you--exclusively--to facilitate the market for
| the coin? Different story maybe? Can you make the same
| impartial decisions regarding integration when you are not
| impartial? (Well, as far as we can divine from the various
| allusions, hints and allegations .. I mean even needing to ask
| these questions is weird.)
| bsdubernerd wrote:
| Sadly, the LAST thing I ever wanted the signal foundation to do.
| And this adds to the PIN & cloud "features", insistence of a
| phone number, refusal to work with 3rd-party apps...
|
| I'd rather them have done _nothing_ at all.
|
| Oh well.. further proof you really need federation.
| pixiemaster wrote:
| > Oh well.. further proof you really need federation.
|
| more like: open protocols for certain interactions,
| irrespective of the app that implements it.
| gen220 wrote:
| Open protocols is the way. Then if a client starts acting
| sketchy or bloaty, you can ditch it for a better one.
|
| Plus, an open protocol changes the risk calculus for the
| group that manages the client implementation, in a way that
| would prevent situations like this one.
|
| However, open protocols _beget_ federation, so I don 't think
| you're at odds with the above poster. Email, DNS, etc are all
| open protocols with federation built-in, but we trade away
| some centralization of servers (GMail, Cloudflare, etc) in
| exchange for nice things (DoS protection, spam filtering,
| etc).
|
| In the worst case, where a server starts acting scammy (like
| embedding ads in your email) or tries to diverge from the
| protocol, you can always go back to hosting it yourself, or
| paying a small and trusted shop to host it for you.
|
| In the arena where Signal is competing, Matrix [1] is
| probably our best bet. (Assuming irc is too barebones for
| your needs, in 2021). It has also supported end-to-end
| encryption for some time now [2].
|
| [1]: https://matrix.org/docs/spec/
|
| [2]: https://matrix.org/faq/#which-matrix-clients-support-e2e
| toomuchtodo wrote:
| No, you do not need federation. You need an organization and
| leadership in it that is focused on their mission.
|
| For example, Let's Encrypt reliably, like clockwork,
| distributes certificates and maintains related PKI
| infrastructure. That is what Signal was supposed to be (at
| least, my interpretation based on their PR) with regards to
| secure messaging, and they have utterly failed to maintain the
| focus you'd expect of a non profit with their mission.
|
| If I want payments (unregulated payments at that), I would use
| and donate to a payment app, not a messaging app. But heh,
| report it to regulators and let them be the bullwhip to Signal
| and their poor choices if they ignore the community (who are
| their stakeholders as a non profit entity). Of all the ways to
| kill your project, this doesn't seem like the "hill to die on."
| Don't drag secure messaging into your fight against nation
| state currency regulations, and have some common sense about
| compartmentalizing around regulatory risk.
| anoncake wrote:
| > You need an organization and leadership in it that is
| focused on their mission.
|
| And will remain so forever. Which is not realistic.
| FlyingSnake wrote:
| > You need an organization and leadership in it that is
| focused on their mission.
|
| This is exactly what Signal had, until the leadership changed
| their focus onto more lucrative prizes.
| bombcar wrote:
| Which is why you need to see "where's the money coming
| from" because a non-profit that can't survive will go
| looking for it. Let's Encrypt is small enough that it can
| entirely exist under the donations of some of the large
| internet companies - Signal doesn't have that and so the
| temptation to look for money will be there.
| FlyingSnake wrote:
| > "where's the money coming from"
|
| I'm not sure if I understood it correctly, but isn't a
| major selling point of cryptocurrencies is the
| anonymity/untraceability?
| luckylion wrote:
| I believe that comment meant the money to fund the
| development of Signal.
| bombcar wrote:
| No, I'm talking about the company/organization itself. A
| non-profit like Signal can be all high and mighty and
| principled as long as the bills are being paid (by whom?)
| but once that dries up (or never materializes) the
| temptation to monetize by doing things that go against
| the original mission becomes greater.
|
| Let's Encrypt doesn't have a reason to try to blockchain
| their certs because their bills are being paid. Signal
| clearly wants more money (they openly state that the coin
| will pay $1m/yr to Signal).
| jeltz wrote:
| As far as I know Signal has no issues with funds. I feel
| this is more about Moxie and potentially other employees
| who want to make money for themselves, not for the
| foundation.
| mayneack wrote:
| > And this adds to the PIN & cloud "features", insistence of a
| phone number
|
| the PIN & cloud features are explicitly designed to facilitate
| breaking the phone number requirement.
| freeone3000 wrote:
| You don't really need either. Tying the keys to the _device_
| was sufficient.
| WrathOfJay wrote:
| Why am I seeing payment integration while I still lose my place
| in an audio playback when I switch from landscape to portrait? Or
| the fact that I still can't tell whether I've listened to a
| message yet or not? Still losing messages in the middle of
| recording.
|
| Honestly, having a hard time with my switch from WhatsApp to
| Signal, and certainly don't need any cryptocurrency integration.
| jeroenhd wrote:
| Likely because keeping your place in audio playback doesn't
| bring in as much cash as a cryptocurrency deal.
|
| If Signal can get a decent amount of money from this crypto
| scam, there's a good reason to implement it over some minor
| usability features. Free users don't directly bring in any
| cash, after all.
| nikolay wrote:
| Yeah, sprinkle some crapto dust on it, and let it rot.
| bilal4hmed wrote:
| After the last discussion I have been trying Element. It has some
| rough edges still but it has vastly improved since the last time
| I tried it.
|
| Additional bonus, no electron based client, native apps for ios,
| Android, Web, Mac and even Linux.
|
| If they can make the verification process for a new device
| smoother, I can recommend to folks. My worry is the amount of
| influence I used to get people to switch over to Signal only to
| ask them to switch again
| callahad wrote:
| > _no electron based client_
|
| The "Element" branded desktop apps are actually based on
| Electron, but since the underlying Matrix protocol is open,
| there are a plethora of fully native third party clients in
| varying stages of development.
| bilal4hmed wrote:
| Thanks for that, I had missed it completely since I was using
| the web version, didnt realize the official one was electron.
| Sorry about that
| callahad wrote:
| Oh no problem at all -- I think it's a great counterpoint
| to closed ecosystems like Signal and Discord which are
| actively hostile to third party clients.
|
| If you don't like Electron, you're free to choose an
| alternative desktop client like Fractal
| (https://wiki.gnome.org/Apps/Fractal) or NeoChat
| (https://invent.kde.org/network/neochat) or Nheko
| (https://github.com/Nheko-Reborn/nheko).
|
| Or on the mobile side, FluffyChat (https://fluffychat.im/)
| and Nio (https://nio.chat/) are both solid alternatives.
|
| If you're coming from IRC, there's a WeeChat plugin
| (https://github.com/poljar/weechat-matrix) or a standalone
| terminal client called Gomuks
| (https://github.com/tulir/gomuks).
|
| It's still early days, but Element is genuinely committed
| to Matrix's success as an open protocol, and I find the
| community enthusiasm to be very encouraging.
| ncmncm wrote:
| Last I saw, Fractal did not support E2ee. Did that
| change?
|
| And, are Nheko or Neochat mature enough for a daily
| driver? Lasy I saw they were very alpha.
| approxim8ion wrote:
| The problem with Element is that the matrix.org main servers
| can already often be slow with message delivery, and will only
| get slower as more people onboard.
|
| And self-hosting Matrix is hard and requires pretty hefty
| hardware. If performance improves, it will certainly be a great
| option. For basic chats though, XMPP+OMEMO is still a really
| great lightweight option.
| sseneca wrote:
| I'm excited for Dendrite, their new homeserver written in Go
| which will hopefully solve at least some of these performance
| issues. I've hosted a Dendrite server for a couple months
| now, but haven't had the chance to use it much.
|
| With that said, it's been disappointing to see how slow
| development has been on it. Hopefully it picks up and they
| can get it out of beta this year.
| bilal4hmed wrote:
| Im looking forward to Dendrite, I think that changes the
| game for them in terms of performance. If im not mistaken
| at least one server was running on dendrite
| sseneca wrote:
| They have https://dendrite.matrix.org, and they use
| Dendrite to test new features (like Spaces). But its
| issue is it's not feature complete so I don't think it
| sees that much usage.
| bilal4hmed wrote:
| Im using it right now with one other person and it seems to
| be just as fast as any other service Ive used.
| approxim8ion wrote:
| It's not something that is always reproducible, and I
| suppose it depends on traffic and location as well to a
| certain extent. I've certainly found it satisfactory for
| general conversation but I do often see delays in delivery.
|
| This is, however, something I also see with Signal. Texts
| can often take 5-6 seconds to deliver.
| wheybags wrote:
| > I'm not a beta tester, but cryptocurrency is the worst
|
| 100% this. I'm not a beta tester, but I am a signal user. I
| reeeally don't want to have to hedge my recommendation of signal
| because it's involved with some cryptocurrency BS. Please, just
| be a chat app.
| bosswipe wrote:
| > Please, just be a chat app.
|
| Chat apps used to be just: send text.
|
| Over time the standard expectation for a chat app has become
| send text + online status + image + gifs + video + link
| previews + typing indicators + @ mentions + emoji reactions +
| stickers
|
| Fundamentally I don't see why adding "send money" violates it
| being just a chat app.
| __MatrixMan__ wrote:
| Sinal wants to protect their users. Sometimes those users ask
| each other to Venmo them some funds. Venmo isn't to be trusted
| with privacy.
|
| This seems like a natural next step to me.
| justapassenger wrote:
| Will they also block people from sending links? I cannot
| trust random websites with my privacy.
| 6gvONxR4sf7o wrote:
| If I wanted to use the external money app they're
| piggybacking on, I can use that. I don't need it to be all
| one app. I have a web browser app for all-in-one app when I
| want that.
| arenaninja wrote:
| I somewhat disagree. Sometimes I need to send payments
| internationally; in the US most chat apps allow for this. Or
| people use CashApp/PayPal. Sometimes I'm chatting with friends
| outside of the US and the choices to send money are very
| limited and problematic (e.g.: Argentina inflation, low PayPal
| adoption outside US and I think CashApp isn't available)
|
| I don't know the specifics of the cryptocurrency being used,
| but adding the ability to send money is welcome
| alpaca128 wrote:
| > low PayPal adoption outside US
|
| As a European I have the opposite impression. Pretty much all
| online sellers I know that don't offer Paypal are in the US.
|
| And sending money is one thing, having yet another weird
| cryptocurrency is not the right solution though.
| gruez wrote:
| >in the US most chat apps allow for this
|
| and those would be? The top chat apps are:
| https://www.statista.com/statistics/258749/most-popular-
| glob...
| epalm wrote:
| Agreed, please just be a chat app.
| alexnewman wrote:
| Why should signal be the only client I use without it.
| hiq wrote:
| It would have been more interesting to read your reaction to
| their answer to this concern, which is:
|
| > We've only been testing this in beta in one country, so lots
| of people haven't seen this yet and are imagining the worst.
| Don't worry, it's an opt-in feature, so if you don't ever want
| to use payments in Signal, you never have to.
| owenversteeg wrote:
| Of course it's opt in, it'd be patently absurd for it not to
| be. Nobody would use a chat app where some kind of weird
| crypto payments were mandatory. Advertising its opt-in nature
| as a feature is like advertising your cereal as asbestos
| free.
|
| https://xkcd.com/641/
| hiq wrote:
| > Advertising its opt-in nature as a feature is like
| advertising your cereal as asbestos free.
|
| I fail to see how, care to explain?
|
| It's opt-in as any other feature which is not the core of
| the app. You don't have to send stickers or GIFs. If you
| don't want to receive messages at all, you shouldn't
| install Signal because it will be hard to avoid, it's a
| core feature, it's not really opt-in.
| ineptech wrote:
| a) "Install this app, it's safe" != "Install this app,
| but only use this part, don't click on that part"
|
| b) opt-in features that are very profitable have a funny
| habit of transmorphing in to opt-out
| rOOb85 wrote:
| Except it's not enabled or visible by default. It will
| take the user navigating the settings to enable it. We
| all know non-tech users rarely if ever change default
| settings they don't understand.
| resfirestar wrote:
| I think it's a non-answer that doesn't need a new response.
| "You don't have to use it if you don't want to" doesn't
| address the GP's concern around recommending the app to
| people who might not know better.
| martin_a wrote:
| This won't help with what follows.
|
| "Bad guys" will use the anonymity of Signal to do the usual
| stuff: Phishing, collecting ransom etc. etc.
|
| Signal will get a bad image, no matter whether it's opt-in or
| not.
| hiq wrote:
| "Bad guys" already use Signal to communicate and some
| countries try to ban encryption, I'm not sure much will
| change here.
|
| Whether you should be able to transfer money in a private
| manner is a political choice. Signal is mostly showing that
| it's technically feasible. I don't see braving regulations
| to provide this feature to everyone, but time will tell.
| martin_a wrote:
| But before integrating payments, Signal was not a good
| way for phishing/ransom. Look at all the scams and
| whatnot where people have to go and buy some kind of
| coupon and pass the codes to the scammers and whatnot...
|
| Signals now integrates all of this right into the app.
|
| That's much easier than before!
|
| So... Big win... But for whom?
| tw04 wrote:
| So will their be a version of the app that doesn't have
| payments built in at all? Because if not it will only be a
| matter of time before someone comes up with a playbook
| convincing nontechnical users they need to send mobile coin
| to them in order to keep using signal.
|
| Even my non technical relatives know not to install another
| app that some stranger tells them they need. Trying to
| explain what cryptocurrency is and how not to fall into that
| trap if using signal sounds like a nightmare.
| verytrivial wrote:
| I'll not be using this cryptocurrency, but whether I continue to
| use Signal seems to be down to how much effort I have to put into
| trying to explain away the apparent conflicts of interest here.
| They certainly don't seem to be putting any effort in. "hey,
| relax, guy!" is not an explanation. They seem to be happily
| spending the Foundation's credibility on this though, so I guess
| the clock has started.
| g_sch wrote:
| I know, from watching Signal's development and public writings
| over the last several years, that their strategy is to bring
| privacy and security into as many people's lives as possible
| while matching the UX of the best for-profit surveillance
| capitalists out there. In HN threads like these, I usually find
| myself in the minority because I believe in this mission and how
| they've prioritized it over other goals e.g. decentralization,
| free software, etc.
|
| All that being said, I feel like they're really unfairly
| dismissing a lot of real concerns by characterizing them as just
| saying "cryptocurrency is the worst". The Signal Foundation
| absolutely understands that the key to winning the competition
| against FAANG and surveillance-based tech is just as much PR as
| software development. It requires people trust the app and the
| foundation to have their best interests in mind. Cryptocurrency
| may be popular, but it's definitely not synonymous with "safe and
| trustworthy" by any means.
|
| They also don't really answer the regulatory question.
| Governments, in particular the US government, _really_ doesn 't
| like unregulated finance. If there's a case to be made by some
| SEC or FBI busybody that the Signal Foundation is involved in
| financial crimes, they have a lot of resources available to bring
| the hammer down on them. And that's just the worst-case scenario.
| There are plenty of other avenues that the US government could
| use to kill this feature (or the app as a whole), including
| exerting legal pressure on Apple/Google to remove it from their
| App Stores, or simply making MOB next-to-impossible to purchase
| legally.
|
| I am in support of their mission to make payments private and
| secure. And I think there is a universe in which I can see this
| working out for Signal. The last few years have brought news of
| several well-known powerful people using Signal. US politicians
| have been known to use it, and the latest Facebook data leak
| seems to indicate Mark Zuckerberg is a user as well. If Signal is
| widely understood to be so valuable that people in positions of
| power are interested in using it, maybe they're betting that no
| one will dare touch them because they're too big to regulate.
| Here's hoping!
| pepemon wrote:
| Why isn't this banned and wiped from the existence like
| Telegram's TON? How is MobileCoin different from TON?
| wmf wrote:
| Maybe because TON had US investors but MobileCoin doesn't.
| thunkshift1 wrote:
| To all those complaining about this feature in signal, can you
| answer this question- how is a non-profit dedicated to providing
| a safe messaging supposed to make money to drive that mission? Do
| you think they will be able to compete with those deep pocket ed
| competitors to achieve their goals? Have YOU donated significant
| money regularly to signal to support them? If not why the hell
| are you cribbing about this change?
| travisporter wrote:
| Because of the lack of transparency. Signal users are not naive
| and can deal with the truth. If they need money, or want to be
| profitable why is there zero mention of in in the explanation?
| Whatsapp was dead to me the instant zuckerberg said it will
| always be free.
| wmf wrote:
| Will Signal make money from MobileCoin integration? How?
| dunefox wrote:
| They will donate.
| approxim8ion wrote:
| They have apparently promised to put significant funds into
| the Signal project in the years to come.
| Jiejeing wrote:
| This is not an argument. I do support XMPP developers who do
| great work with a budget that is less than 0.1% of signal's ,
| without vendor lock-in, and without partnering with dubious
| cryptocoin schemes. Granted, they do not have the "hacker
| extraordinaire" moxie vibe, but they get work done.
| lxgr wrote:
| Thought experiment: If the payments feature was based on a fork
| of MobileCoin that distributes all pre-mined coins evenly to all
| existing Signal users, rather than the status quo, would people
| be still upset?
|
| I think it would address some concerns, but personally, mixing
| concerns of secure messaging and cryptocurrency payments would
| still make me too uncomfortable.
| input_sh wrote:
| I wouldn't be upset if they just did it as a separate app with
| some level of Signal integration.
| sodality2 wrote:
| Way less people would use it in that case.
| alanpearce wrote:
| Something somewhat similar already happened: Stellar gave away
| XLM to Keybase after Keybase added an integrated Stellar
| wallet. Many people didn't like it[0], even I was not too
| impressed despite working in the Stellar ecosystem. Some people
| didn't like the mix of cryptography and cryptocurrency (at
| least, I certainly didn't)
|
| [0]: https://news.ycombinator.com/item?id=19913496
| ascorbic wrote:
| In all of the previous discussions, josh2600 has very pointedly
| avoided answering the question of what financial interest Moxie
| has in the MobileCoin companies. He's only said that Moxie
| doesn't personally own any of the currency, without saying
| whether he has any financial interest in the company that owns
| most of the coins. This does not engender trust.
| candiddevmike wrote:
| I'm not a fan of any kind of crypto, but the handwaving excuses
| for why they aren't pursuing alternative currencies are
| laughable. You could say the same about MobileCoin, and you don't
| provide any other justification other than blanket statements
| without citations.
|
| Signal, your bias is showing, and it makes me wonder what other
| vendors will get your ear and be integrated in the future.
| baby wrote:
| I'm in the crypto field and no, it's not laughable, it makes
| sense to me. Very few cryptocurrencies are good at targeting
| mobile users unfortunately. I think both Celo and Diem have
| good chances due to the fact that you can prove everything
| pretty easily to the client (and Celo does it with recursive
| zero knowledge proofs) but they are not privacy coins.
| freeone3000 wrote:
| What does "targeting mobile users" mean in the context of a
| currency? My bank doesn't "target mobile users" when it chose
| to offer interac payments.
| philips wrote:
| https://github.com/mobilecoinfoundation/fog#overview
|
| This explains the issues fairly well. tl;dr most
| blockchains require a CPU and/or network expensive sync
| which is prohibitive on mobile. As a fix/hack many web and
| mobile apps have a SPOF gateway which the client must trust
| absolutely.
| baby wrote:
| The whole point of cryptocurrencies is that you don't need
| to trust that your bank and all the other banks have
| settled funds correctly, you can verify that they've done
| it (to some extent). In the case of your experience, you
| have really no clue if the number your bank is showing you
| is accurate (and indeed errors are frequent, you probably
| have seen double charges or transactions that later
| disappeared).
|
| In the context of a cryptocurrency like bitcoin you also
| have to trust the server you're talking to, if you're a
| light client (a client that doesn't want to download the
| whole history). So Bitcoin is not a great choice for mobile
| clients that don't want to have to trust another third
| party. Which in general is the threat model of Signal.
| freeone3000 wrote:
| So, in short, a mobile-friendly network is a small
| network with simple algorithms and fast transfers, where
| every address is pseudonymous and may drop in or out at
| any time with no reputational results? These are very bad
| properties for a blockchain to have, from an integrity
| context.
| hiq wrote:
| Which alternative currency that fits their requirements are you
| suggesting?
| EMM_386 wrote:
| > Signal, your bias is showing, and it makes me wonder what
| other vendors will get your ear and be integrated in the
| future.
|
| The "vendor" in this case is the creator of Signal. The rabbit
| hole runs very deep on this situation.
|
| https://www.coindesk.com/signal-founder-may-have-been-more-t...
| PowerfulWizard wrote:
| I bought a small-ish amount MobileCoin last weekend after the
| Signal announcement made me realize it was available. I might as
| well write up my thesis for why I like it so much, so sorry in
| advance for the stream of semi-consciousness following.
|
| I sympathize with the people who are worried this will degrade
| the Signal app. I like Signal over iMessage and WhatsApp partly
| because of the purity of purpose of the app. I like Signal
| because it doesn't create a treadmill of constant change and
| features added to drive engagement. I like Signal because it
| doesn't have Stories.
|
| Signal as a messaging app is the best of its category, but there
| are other near-peers, new messaging apps are created every year,
| and I have ten other apps on my phone right now with DM
| capabilities.
|
| I view MobileCoin as unique in the cryptocurrency space as a
| cash-like, private, fast and efficient payments platform and
| store of value and as that alone it would be great. My biggest
| issues with using cryptocurrency in a physical-cash-like way are
| mostly proposed to be addressed by MobileCoin+Signal:
|
| - The hassle of using a non-custodial wallet, which is needed to
| truly possess your wallet. MobileCoin promises to let you control
| your own private-key on a mobile device. The iPhone is the most
| secure device I own: encrypted, biometric'd, and sandboxed.
| Having my private key on the phone plus a paper backup of the
| seed phrase is my ideal scheme for holding amounts under five
| figures.
|
| - Waiting 10+ minutes for a transaction to go through isn't good
| enough for everyday use. (Look up Monero and Zcash block times
| and how many confirmations exchanges require for a comparison.)
| Faster is better.
|
| - The meaninglessness of addresses: sending coins to a
| 40-character random string has already caused so much confusion.
| Linking it to your existing Signal address book is far superior.
|
| - Broadcasting your financial life to the universe just seems
| imprudent, I think privacy wins over non-privacy for this reason.
| Privacy has intrinsic value.
|
| - Proof-of-work systems just have a certain inelegance that I'm
| happy to leave behind. And the last few years in the Ethereum
| world shows how challenging this can be.
|
| It doesn't address the potential volatility that causes problems
| for a store of value. Which is a negative but not a deal-breaker
| in my opinion. It might be addressed with something like Stellar
| USDC but I really don't know enough about the MobileCoin design
| to know if it is possible on the MobileCoin network. The
| technology is still useful for transaction processing, it is just
| more useful if it is also a stable store of value.
|
| I don't view other cryptocurrencies as a risk to MobileCoin. If
| someone else can create better technology I'll use it happily and
| I'm guessing the people involved in MobileCoin would do the same.
|
| I don't view MobileCoin as a risk to Signal messenger, because I
| think Signal will do a good job, or if they don't, someone else
| will, and myself and my close contacts will switch apps for the
| nth time.
|
| The biggest risk to MobileCoin is that there might not be a
| citizen alive with the legal freedoms to actually use it. I
| really hope the project succeeds and I think Signal has a unique
| opportunity and unique credibility to do this. I think it will
| take 2-3 years to fully play out.
| GNU_James wrote:
| Element/Matrix doesn't have this problem.
| kentiko wrote:
| I had a look to Element after seeing it mentioned here multiple
| times. Sadly it' is too complicated for me to ask my friends
| and my family to switch to it. Signal was just so simple to use
| in comparison. Here even the name, Element/Matrix, needs
| explaining. Matrix is much more that a chat app, it's too much
| to be a Signal or Whatsapp replacement.
| GNU_James wrote:
| Your friends aren't too stupid to register a facebook account
| but registering on Element website is too hard for them? Come
| on man.
| dogecoinbase wrote:
| Previous discussion of the addition of payments here on HN:
| https://news.ycombinator.com/item?id=26713827
|
| In addition to the conflict of interest Moxie has (and, honestly,
| I can see that side -- of course he'd want to be involved in the
| cryptographic design of a privacy-preserving payment system --
| but he still needs to come clean about his relationship with
| MobileCoin), the most disturbing thing to me remains that the
| source to the server wasn't publicly updated for nearly a year
| while they added this feature, the timing of when the source went
| dark clearly indicates that specific intent, and Moxie's
| statement as recently as January that they didn't have specific
| plans to add payment/cryptocurrency when it's clear from the
| server source that they had been working on it for many, many
| months at that time.
|
| As usual, it's not the crime, it's the coverup.
| Klonoar wrote:
| What is up with people thinking he's not "come clean" about his
| relationship with it? He/Signal have noted they own no
| MobileCoins, and that he's been a paid advisor to MobileCoin.
| Doing anything behind the scenes feels like it'd be inviting
| SEC attention, which MobileCoin seems to want to actively avoid
| by trying to keep Americans off of it.
|
| What lack of transparency do people feel is missing (beyond the
| server source not being updated - I agree that's a big miss)?
| sodality2 wrote:
| https://www.coindesk.com/signal-founder-may-have-been-
| more-t...
|
| May have been more than an advisor.
| ppseafield wrote:
| As the server source drop showed, they had been working on it
| since April 2020, publicly downplayed the idea just three
| months ago, and then... launched the beta. I would describe
| that as pretty deceptive.
|
| "Marlinspike played down the potential of crypto payments in
| Signal, saying only that the company had done some "design
| explorations" around the idea. But significant engineering
| resources have been devoted to developing MobileCoin
| integrations in recent quarters, former employees said."
|
| January 25th, 2021
|
| https://www.theverge.com/22249391/signal-app-abuse-
| messaging...
| Klonoar wrote:
| Yeah - I just don't see how this is surprising.
|
| For any other company, if they were downplaying a product
| launch for timing/perception/etc reasons, nobody would bat
| an eye.
| temp667 wrote:
| The Signal Foundation is a nonprofit.
|
| It would be an enormous conflict of interest if Moxie had a
| financial stake in MobileCoin, and then drove signal to adopt
| this random crap coin.
|
| These guys keep on claiming just to be technical advisors with no
| financial interest or benefit from mobilecoin. BS.
|
| Let's get some auditors into Moxies / Signal Foundation stuff,
| figure out how this decision was made, if signal foundation
| received fair value for pushing their users this way etc etc.
|
| I got voted down before for saying this, but will keep on saying
| it. You can't use a charity and then leverage that charitys
| assets to enrich yourself outside of the charity.
|
| What's interesting is despite all the claims of "trust" and
| "security" vs using google etc these guys turn out to be what
| appears to be scammers.
|
| I've uninstalled signal - you should too.
| EMM_386 wrote:
| > The Signal Foundation is a nonprofit.
|
| Signal Messenger LLC isn't.
|
| "Signal Messenger LLC. was founded simultaneously with the
| Signal Technology Foundation and operates as its subsidiary.
| Its CEO is Moxie Marlinspike and it is responsible for the
| development of the Signal messaging app and the Signal
| Protocol."
|
| https://en.wikipedia.org/wiki/Signal_Foundation
| temp667 wrote:
| That's not how this works at all.
|
| These single member LLC's are considered disregarded entities
| in most cases. Many nonprofits use LLC's to own property, do
| app development etc for liability reasons. That doesn't
| obviate their need to act in a manner consistent with their
| parent entities objectives and public purpose.
| estaseuropano wrote:
| You claim to be judge, jury and executioner in one. I agree it
| all looks odd, but I can also see why no other integration
| might easily work. Would be good to dig for any possible issues
| but it might well be that that they write is actually the real
| set of reasons. I won't leave signal anytime soon both 1)
| because I see weirdness but no proof of wrongdoing and 2)
| because there is literally no better alternative.
| jeltz wrote:
| Strongly agreed. And Moxie has not denied being paid in stocks
| or stock options for his "technical advisor" position. But even
| if he was just paid in cash it would still be a conflict of
| interest. If MobileCoin needed him a a technical advisor they
| should have paid the Signal Foundation a consultancy fee for
| Moxie's time, not Moxie himself.To an outsider it looks very
| much like he used a donation funded foundation to enrich
| himself.
| gaius_baltar wrote:
| This forced integration is the worst decision Signal ever made
| (assuming they're sincere in their attempt to remove phone
| numbers as IDs).
|
| If we _really_ need a payment system, why not use GNU Taler? It
| 's not a coin but just a distributed way to move real currencies
| around. Also, it does not run afoul or taxing and does not allow
| pump and dump or price speculation. (maybe this question just
| became rhetoric)
| henearkr wrote:
| Yep. GNU Taler should be enough for all needs of a
| decentralized payment system.
|
| The whole need for cryptocurrencies is a dark area of tax
| evasion and illegality hiding (which it isn't even good at).
|
| Oh, something it does very well is to waste energy [edit:
| actually it seems like MobileCoin is not that hungry, see
| children comments].
| monkeydust wrote:
| Thanks. Never heard of GNU Taler,nice concept but is it being
| applied anywhere in the world today?
| bertman wrote:
| Yes, you can pay with it at a cafeteria snack machine in a
| Swiss university. https://taler.net/de/news/2020-09.html
| zajio1am wrote:
| > Yep. GNU Taler should be enough for all needs of a
| decentralized payment system.
|
| Not really. Unfortunately GNU Taler has distinct
| customer/merchant accounts so it is more alternative to
| specialized service-payment systems like visa/mastercard,
| than to general peer-to-peer payment systems like bank
| accounts.
| hiq wrote:
| > Oh, something it does very well is to waste energy.
|
| That's not the case for MobileCoin though. Energy waste does
| not seem to be direct a requirement by Signal to integrate a
| cryptocurrency, but the user friendliness and the fast
| transaction validation make it hard for a good candidate to
| be wasteful (there's only so much energy you can waste if
| your transaction is validated within 5s).
| henearkr wrote:
| That's a positive point for MobileCoin.
|
| This way it seems like they can follow a better path
| (regarding energy) than the mainline coins like btc, that's
| a very good thing.
| hanniabu wrote:
| Or it could have just been Monero, which is the most common
| privacy coin. The fact that they went with some no-name
| premined shitcoin is mind boggling and screams money grab.
| alexnewman wrote:
| This has been addressed on dozens of occasions
| wmf wrote:
| For one thing, Taler doesn't allow person-to-person payments.
| maipen wrote:
| Telegram's just better and doesn't need a centralized shitcoin.
| Instead of using the battle hardened technology that Monero is,
| Signal chose to create a *99% garanteed coin full of bugs to come
| in the future. - Privacy and Software ain't easy and monero is
| the best example of it and the many upgrades it has had and bug
| fixes during all these years. Have fun losing your customers
| money!
| infogulch wrote:
| People's insistence at bringing up Telegram as an alternative
| to Signal seems to be as incoherent as bringing up Go on a Rust
| thread. Their similarities end after the level-0 description as
| "recently-ish released messaging app / programming language".
| Telegram's requiring users to opt-in to encrypted messaging on
| a per-thread basis _does not_ enable claiming feature parity
| with Signal 's always-encrypted threads.
| baby wrote:
| Don't use telegram, use whatsapp or signal
| jeltz wrote:
| Or why not Matrix which is federated and has E2EE?
| femiagbabiaka wrote:
| Telegram is not "just better" from a security perspective,
| which is the one that should matter.
| vorticalbox wrote:
| > Your entire chat history will require no disk space on your
| device, and will be securely stored in the Telegram cloud for
| as long as you need it.
|
| This is the one thing putting me off, I want my chats on my
| device not on machine I don't own or have access to.
| aaaxyz wrote:
| Telegram tried to create their own cryptocurrency _twice_ :
| Gram which was cancelled due to the SEC cracking down on
| unregistered ICOs and TOM which is no longer affiliated with
| Telegram at all.
| throw7 wrote:
| I would like to thank Signal for enabling me to pay my therapist
| in MobileCoins. I'm sure she's gonna be thrilled! I know I am!
| Wxc2jjJmST9XWWL wrote:
| Isn't the biggest question: Why not a different app with some
| sort of signal integration? If that takes off and is successful,
| it could eventually be merged to be one application I suppose.
| But leveraging a huge user base from Signal (a messaging app with
| a sales pitch of a certain purity and no bs attitude to the
| problem at hand) to push a cryptocurrency payment system?
|
| Don't tell me anyone involved in doing this felt like this was
| 'the right way to go'. Which makes exact motivation behind it all
| the more questionable.
| hiq wrote:
| > But leveraging a huge user base from Signal (a messaging app
| with a sales pitch of a certain purity and no bs attitude to
| the problem at hand) to push a cryptocurrency payment system? >
| Don't tell me anyone involved in doing this felt like this was
| 'the right way to go'. Which makes exact motivation behind it
| all the more questionable.
|
| If this feature is to stay relevant, it has to be integrated
| within Signal. Otherwise competitors (who do integrate a
| payment feature) will just have a better UX.
|
| The choice was basically:
|
| 1. have the feature within Signal
|
| 2. have no user
|
| They chose 1.
| Wxc2jjJmST9XWWL wrote:
| I don't think that's honest. Signal has the reach to get
| plenty of beta-testers on board, enough to maybe grow it from
| there. I'm not saying that it isn't tougher to do this way,
| but it's not like a "Signal Payments" App with a similar Logo
| by the same outfit trusted by many people for secure
| messaging already, starts at absolute zero. Plenty of outfits
| would kill for the Signal IP to create something like a
| payments app.
| hiq wrote:
| > Signal has the reach to get plenty of beta-testers on
| board, enough to maybe grow it from there.
|
| I think we need a reality check here. When I check the
| Playstore, Signal has 50M downloads. WhatsApp has 2B.
| Signal is still largely the underdog.
|
| I could definitely imagine a few people using a "Signal
| Payments" app instead of whatever WA offers. But to
| actually compete with WhatsApp (which won't create a
| separate app), you can't afford to split the app in two.
| The aim is not that HN users are able to transfer money in
| a privacy-preserving way, it's that everybody can.
| Wxc2jjJmST9XWWL wrote:
| If the illusion is that it's Signal's ultimate goal to
| dethrone WhatsApp (and Paypal for payments?), I think I'm
| not the one in need of a reality check (forgive the
| provocative wording, I have no ill will towards you).
|
| Signal's (meaning the app) goal should be to be a long-
| term, secure, honest alternative for more privacy minded
| users, no matter their technical expertise? At least
| that's what I'm thinking.
| hiq wrote:
| > Signal's ultimate goal to dethrone WhatsApp
|
| I see it more like setting the baseline for the whole
| ecosystem. If Signal allows me to do X privately, why
| can't WhatsApp? To have this clout, they need to keep a
| non negligible market share and remain a threat to other
| messengers, which you can't do if you miss features your
| competitors have and that users value.
| sabhiram wrote:
| Not sure crypto is quite ready for this, but how can one justify
| these integrations with these purpose built "coins", when stable
| coins pegged to fiat exist? I would much rather send stuff over a
| medium that is digital and fixed in value.
|
| I know a lot of folks are big crypto naysayers, but there is a
| certain magic to being able to remit funds with ease to people
| and places where the process is not friendly. Chat app based
| money transactions is a thing and probably not going away anytime
| soon.
| stefan_ wrote:
| > It currently requires a wire transfer for people in the UK to
| get funds in and out
|
| Did it appear to these clowns that if I have to use a wire
| transfer anyway, _I can just use a fucking wire transfer_?
|
| The best part about this is that besides all the obvious
| criticism for hooking up your chat app to a pump&dump
| cryptocurrency scam, _the cryptocurrency is also just a
| legitimately terrible way to implement this feature_. Manual wire
| transfers? 50p per transaction? _Fucking price volatility_?
| vinay427 wrote:
| > Did it appear to these clowns that if I have to use a wire
| transfer anyway, I can just use a fucking wire transfer?
|
| You may have misunderstood what they're saying. The full
| sentence from which you quoted:
|
| > It currently requires a wire transfer for people in the UK to
| get funds in and out of cryptocurrency exchanges that support
| MobileCoin, which costs money.
|
| They're saying that you need a wire transfer to buy and sell
| MobileCoin using the currently-available exchanges. Once you
| possess MobileCoin, you can then send or receive it using the
| app without further wire transfers unless you choose to cash
| out. A wire transfer isn't necessary for a transaction in
| Signal.
| stefan_ wrote:
| No, I did not misunderstand at all. I care about solving my
| problem which presumably is sending money to my buddy in the
| easiest, most straightforward way. That is what a solution is
| going to be measured on.
|
| (Hint: you can just give people contingents of your make-
| believe currency. But it's a better scam if they wire
| transfer money for it!)
| hiq wrote:
| You have a point in the case of a volatile cryptocurrency:
| if 1 MOB is worth USD 10 one day and USD 1 the next, nobody
| will want to keep their MOB, so you have one bank transfer
| for one MOB transfer. It sucks.
|
| If MOB becomes less volatile over time, you could imagine
| people having USD 100 in MOB that they would trade for
| small debts, and they could be fine leaving this sum in
| MOB. In this case, you'd have several MOB transfers for
| just a few bank transfers, and it'd be an improvement.
|
| How stable they'll manage to make it, frankly I can't say,
| I believe it's still an open problem for them.
| iudqnolq wrote:
| > In this case, you'd have several MOB transfers for just
| a few bank transfers, and it'd be an improvement.
|
| It'd be less inconvenient that a worse cryptocurrency,
| but more inconvenient than hitting a button in your bank
| app (the uk has instant transfers already).
| hiq wrote:
| > but more inconvenient than hitting a button in your
| bank app
|
| Sure, assuming:
|
| 1. you have the app
|
| 2. you have the IBAN (or equivalent)
|
| I'd say 1. is a good assumption for younger generations
| (?), but 2. is still more friction than what Signal could
| offer.
| Dma54rhs wrote:
| These are standard things people have when they are savvy
| enough to own a mobile phone. In UK/EU they don't solve a
| problem tiny bit but rather make it more risky because of
| volatility and more difficult abs expensive to cash out.
| iudqnolq wrote:
| But you need a bank account to make a wire transfer to
| turn your real money into MOB.
| roywiggins wrote:
| How do you buy MobileCoin without an IBAN?
| jeltz wrote:
| Only 2.5% of the UK adult population is unbanked and if
| it is anything like here in Sweden that means virtually
| all of the other 97.5% have IBAN.
| harry8 wrote:
| >"Did it appear to these clowns that if I have to use a wire
| transfer anyway, I can just use a _____ wire transfer?"
|
| Yeah, it clearly did and they didn't like that you and everyone
| else doing that now has their transactions tracked. They know X
| paid Y an amount of $Z. They want you and everyone else to be
| able to transfer without anyone knowing to who. Just like using
| cash money in a shop (withdraw, transfer to Y, Y deposits in
| their bank and your banks know nothing as opposed to a direct
| deposit from X to Y where your banks know precisely when and
| who is on either end of the transfer).
|
| Yes, as they note their current solution has issues.
| Transaction fees are too high. Volatility is a problem for any
| currency used as a medium of exchange absolutely.
|
| So what is this? A start that can be improved on. If you want
| your transaction to be secret from your banks and those your
| banks share info with a wire transfer is probably not an
| improvement.
|
| Might not work at all. Might have other issues as yet undreamed
| of. We'll see. Given I don't ever have to use this and Moxie
| has earned a reputation of not being neither crook nor zuck I'm
| kinda happy to watch and see what happens.
|
| Immense amount of "Signal is terrible" on this site which
| doesn't make much sense to me.
|
| edit: Immense amount.
| ac29 wrote:
| > Volatility is a problem for any currency used as a medium
| of exchange absolutely.
|
| Volatility is not an issue for any major world currency (USD,
| Euro, Yen, etc). If I pay the bill at a restaurant and ask my
| friends to repay me on Venmo, the money I receive is worth
| exactly the same when it hits my bank account a few days
| later as when the bill was paid. Perhaps you could argue it
| changed by 0.01% or something due to inflation, but
| cryptocurrencies can easily change by several percent per
| day.
| high_derivative wrote:
| Oh come on, nothing on the conflict of interest of Moxie being
| involved with MobileCoin? You have to address the elephant in the
| room at _some_ point.
|
| (https://www.coindesk.com/signal-founder-may-have-been-more-t...)
| wmf wrote:
| Maybe they should rename MobileCoin to SignalCoin since it
| appears that was the purpose all along.
|
| As for the conflict of interest, Moxie appears to (currently)
| have a "name your price" reputation so he could have chosen any
| cryptocurrency and they'd probably pay him the same advisor
| fee. When he says that he chose/founded MobileCoin because in
| his opinion it's the best (in his value system), I actually
| believe him.
| jeltz wrote:
| Isn't that still a huge conflict of interest? As a key person
| of a foundation he should not be charging a private advisor
| fee from a company whose products the foundation plans to
| promote in the future. That seems like an excellent (and
| immoral) way to use a foundation enrich yourself.
| CraftThatBlock wrote:
| I agree, this post doesn't address any of the real feedback.
| I'm a fan of Signal, and I think a crypto wallet inside Signal
| could work, but it should:
|
| - Not be MobileCoin or any small-cap coin - Support
| Bitcoin/Litecoin/Etherum/other popular and trusted coins - Sync
| private keys using the same mechanism as messages
|
| Signal has had some questionable choices in the past, but this
| is over the line for their goal of privacy/security/trust.
| MobileCoin does not belong in Signal.
| hiq wrote:
| > - Not be MobileCoin or any small-cap coin
|
| Why not?
|
| > - Support Bitcoin/Litecoin/Etherum/other popular and
| trusted coins
|
| The post explains their requirements which these
| cryptocurrencies don't fit. Do you take issue with their
| requirements?
|
| > Sync private keys using the same mechanism as messages
|
| AFAIU it's non-custodial and it stays on the mobile client,
| meaning that there's no synchronization so far (the desktop
| client does not support these features). This could come
| eventually, but it's part of their requirements to stay out
| of the way and let the user handle their coins without
| trusting Signal.
|
| > this is over the line for their goal of privacy/security
|
| How so?
| ac29 wrote:
| > Why not?
|
| Because the price of small cap coins is insanely volatile,
| and even more subject to manipulation than cryptocurrencies
| in general. Mobilecoin's price changed by 1000% over the
| course of a couple weeks last month.
| vmception wrote:
| Woah so MobileCoin implements everything Monero has but with
| the Stellar/Ripple consensus model and uses intel SGX
| coprocessor?
|
| That's kind of interesting, cheap fast transactions, not proof
| of work, and only the validators have the SGX burden (Secret
| network does something like this with SGX for private-ish smart
| contract execution)
|
| So we dont like the premine and the forced integration and
| pump, which is meh to me, everything is premined these days I
| cant care much about that.
|
| I'm actually surprised it has some cool technology involved,
| most "privacy" coins dont pass the smell test and with a name
| like MobileCoin I just assumed the worst, but I still have to
| laugh that the purchasers had to do KYC then.
|
| Oh crypto.
|
| Its pretty clear that they omit some information to give people
| less to disagree with. They pump it and sell, thats going to
| happen. I don't care much about that either, speculators are
| going to get sold into, that's not even controversial.
|
| The Signal forced integration is grimy.
|
| I still wish there was a stable privacy coin. USDC and DAI on
| Tornado.cash is okay, but too few inputs to mix with.
| Mobilecoin doesnt solve that, just another volatile asset.
| DyslexicAtheist wrote:
| Signal used SGX already before MobileCoin (for their
| contacts).
|
| _" SGX is a pile of hacks in a trenchcoat pretending to be a
| secure enclave"_ --- paraphrasing the only correct summary of
| this technology.
| vmception wrote:
| I'm fine with all of those realities for this use case.
| LAMike wrote:
| > The MobileCoin transaction fee is currently around 50p ($0.60)
|
| It costs 1 SAT to send money over the Lightning Network, but you
| can't run a pump and dump on that so "MobileCoin" it is
| Thorentis wrote:
| They begin by describing what I had in mind when they said
| "Signal will integrate payments": some kind of framework for
| existing wallets/exchanges to send info via Signal that enables
| transactions to take place. QR codes that are "auto scanned"
| (like paper wallets that can be swiped), or something else
| entirely. I thought they would focus on building this framework,
| making it available to the crypto community, and then seeing what
| happens.
|
| Instead, they are still pushing their own coin, which has been
| heavily criticised for many reasons. They mention in the article
| that many cryptos have been nothing but "asset speculation" for a
| while. Well then why did the Mobile Coin creators premine so many
| coins? If they don't want to speculate on the value of their
| coin, why not just release it into the wild from Day 1? Every
| crypto founder cannot escape the FOMO of the Bitcoin era. They
| all wish they had made it big like some of the early lucky
| Bitcoin adopters, and no amount of grandstanding, or tech speak
| is going to convince me otherwise about any crypto founder.
| seibelj wrote:
| It's getting harder and harder for the tech elite (including HN)
| to denigrate crypto as something that is worthless. Bitcoin 60k,
| Ethereum innovations, NFTs, Coinbase IPO, every bank and
| financial company having a crypto / blockchain plan, and tens of
| millions of Americans owning cryptocurrency... not sure how much
| longer the blockchain haters can claim that all of this is 100%
| worthless.
| wmf wrote:
| The market can stay irrational longer than whatever.
| djanogo wrote:
| Got all the family to remove the app last week. On the bright
| side they punched early enough for us to get out before we got
| too used to the platform.
| kentiko wrote:
| I did this weeks ago. I am screwed, they will never listen to
| me again if I tell them to drop Signal...
| bilal4hmed wrote:
| what did yall go to?
| gojomo wrote:
| Unaddressed: that the reliance on Intel SGX for MobileCoin's
| consensus-system gives Intel a kill-switch for the network.
| ghughes wrote:
| Signal's increasing reliance on SGX is the elephant in the
| room. They keep announcing new features that require sending
| your cryptographic keys to someone else's "super trustworthy"
| computer.
| hiq wrote:
| What alternative do you suggest?
| ghughes wrote:
| Not indulging the pure fantasy that is secure remote
| computation.
| hiq wrote:
| I think this point is too technical to be addressed in this
| blog post, and it's already addressed in technical documents /
| talks from MobileCoin. In short, and IIUC, no Intel SGX means a
| bit less privacy but is still ok. In particular, it's not a
| kill-switch. Happy to be corrected though, I still know little
| about MobileCoin.
| StavrosK wrote:
| Does anyone have a link to the apk? I'd like to try this.
___________________________________________________________________
(page generated 2021-04-13 23:01 UTC)