[bisq-network/proposals] Send arbitration funds to a burning address instead of BTC donation address. (#135)

MwithM notifications at github.com
Mon Nov 11 15:31:15 UTC 2019


After thinking a little more about the attack, I've realized that electronic fiat payment methods are less vulnerable to it because of trade limits and account signing process. The attacker would need to steal an account or go through a very rigid identification system to be able to open accounts to use these payment methods. Only low volume markets could be used (making a buy offer with an invented bank account) to steal reasonable amounts (sending to DAO donation address the trade and deposit funds) because there's no trade limit.

@flix1 
> While we think about ways to improve this mechanism, it might be a good idea for current donation address holder @burning2019 to try to keep the balance low, say below 50% of the value of the BSQ 50k bond.
And of course the more eyes that are watching the donation address the better. We still have a trusted critical component in the system, but at least it is highly transparent.

Selling BTC below 50% of the BSQ locked bond is what [the role owner](https://github.com/bisq-network/proposals/issues/116) should do. Transparency doesn't help much: no matter the level of vigilance to the donation address, it would only produce an alarm when it's too late. I don't think that begging an almost anonymous person to act in a honest way is the way Bisq should work. Not when we have a possibility to stop trusting a third person and eliminate a single point of failure.
Burning funds that end into arbitration is possible, easy, secure and the best option to follow Bitcoin's principles.
As long as there's security deposits for both peers, it should end disputes without a good reason. Considering that disputes ending into arbitration would be rare and for a good reason, reimbursing arbitrators with DAO's own funds is something that Bisq could afford to do. Bisq would not be the first organization ever that compensates its users when things go wrong.

So after properly discussing this proposal, I'm pushing a **DAO vote** on Cycle 7 for:

_**Sending deposit and trade's funds from altcoin, low volume fiat markets and F2F trades to an unspendable address when arbitration timelock is triggered.**_

Better solutions could be developed in the future, but this is the most secure way to prevent the discussed attack.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/proposals/issues/135#issuecomment-552491732
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20191111/687a44ae/attachment.html>


More information about the bisq-github mailing list