[bisq-network/proposals] Using PoW for the P2P network messages as dos protection (#268)

[Manuel]

> Here was the latest version in detail: https://docs.google.com/document/d/1sTbm7SuIGQ5HWCwbxYfnklyMHB_-jIr7kAM9-ZSzzH8/edit

Yeah, I remember reviewing it some time ago, but I have a hard time following it :$  Sorry.  Privacy is a very difficult problem to solve because I've always thought that an undercover agent could harvest tons of information in fiat payment methods anyway (this is also pointed out in the comments of the document). 

However, I agree that despite the above, it is our duty to make it as private as possible.   The info in the "hidden" order book could be blinded by combining also a bond id into the hash, and to automatically renew the bond id every time an offer is closed (only the hash of the bond id would be public).  So only a third user that engages in a trade with both traders could know the bond id of both bonds and identify both parties for that specific trade.   But if we limit to only one concurrent offer, this would be a rare event and could only happen because of a bug or if both traders are trying to break the rules, but it would not be a privacy issue for normal honest users that don't tweak Bisq code in order to overuse their bonds.

If the above makes any sense, a workaround to allow concurrent trades is to setup multiple instances using the same payment account but with a separate BSQ Bond each.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/proposals/issues/268#issuecomment-735251950
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20201128/83efb43e/attachment.htm>