I, as many here, do not know how blind certificates work completely, but what I do know is that it has become very difficult to trust any third-party services. I personally do not trust that any third-party service fully maintains privacy.
Understandable, but that's the advantage of blind certificates. You won't need to trust that we don't keep logs, it would be impossible to log anything even if we tried. This will be provable beyond any doubt at any point since it's code, not just our words.
The blind certificates are certainly causing a lot of confusion since it's a relatively novel idea put into practice. Perhaps you all could create a graphic that would explain it clearly and in an illustrative manner? That would help a lot vs. reading paragraphs of text about it, and then it'd be easy to repost to answer this question moving forward.
Great idea, we will do that once we get some traction with the current version
3/3 is a case where three signature is required to sign a transaction. So, if one user isn't online or able to sign, then you are going to migrate to a new multi-sig with new signers and servers because you have the backup, you said that.
So, if you hold the backup for all 3 signers and you can always change the fate of situation, doesn't that mean that all you are doing by multi-sig is that you just put transparent curtains? I mean, what's the point of 3/3 multisig if you can always do whatever you want?
Currently I am all 3 "users", the point is that if you have a 2 server setup for the whole infrastructure, like in a case where we all know for a fact this is the truth, then the entire service including funds are at risk of being hacked/seized//the list goes on. I can't disclose the exact setup that we are running for obvious reasons but there are >5 servers, and all but the clearnet frontend one are not exposed. While risk still exists with our setup too, it's mitigated to a minimum. I am not trying to pretend that I don't have access to funds or anything like that, I said multiple times that unless there will be more signers besides me in the multi-sig, then users will have to trust me and it's just how it is. But at least if you assume I am honest, then you don't have to worry about much else. I don't believe you have this luxury with many other services.
After gaining trust, will the fast situation be deleted and only use notes? and what is your plans to get trust? only high-payment the signature campaign?
We will phase out the Fast mode only if we migrate to a setup with multiple signers. (I explained before it's because all signers could keep logs for Fast mode and we can't take that risk) As for trust I was planning to run a review campaign and lock a few
BTC in escrow, Hhampuz is looking to find a 3rd party to hold these funds. Not much else to do besides this other than running the service reliably, time will tell
What are the criteria for selecting *reputable users,* and will the contract be for decentralization and how will you deal with legal frameworks and how to make payments? Can anyone be a reliable member if he fulfills certain conditions, or is the list central?
I have no idea right now to be perfectly honest, but I hope that after some more time and discussions about this topic here we will come up with a reliable plan that we can execute.