Long time lurker of this forum here. I usually don’t post things, but yesterday I had an idea that I think might be relevant. I wanted to see what this community thought about it. It’s about solving the issue of multiple accounts to allow for reputation systems, voting, commerce etc.
I’ll start off with framing the problem: How can find out if someone whom you’ve only just met is trustworthy? How can you be reasonably sure that they are who they say they are? How can you know if they are actually going to mail you that thing you bought on the SAFE network version of Amazon (coming soon I hope!) after you transfer them your currency?
It occurred to me that the normal answer to this problem is to conduct a background check of some kind–that is, get some kind of feedback from the people with whom your subject has interacted previously. If I wanted to know if Alice was trustworthy, I could go and ask Alice’s previous client (for instance) Bob “Do you vouch for Alice?”. If I wanted to be more sure, I could ask a whole bunch of people who Bob has previously associated with and take an average. In fact this is exactly the way it is already done in the case of “seller’s ratings” or “trusted seller” etc.
However, there are clearly some major weaknesses in this scheme. Here are a few that I can see:
(1) What if people created a bunch of fake identities to vouch for themselves?
(2) What would prevent someone from “vandalizing” the ratings of another user (leaving unwarranted negative ratings)
(3) What would prevent the administrator of the system itself from censoring/manipulating or otherwise abusing his power? (such as selling “sponsored reviews”)
There is some evidence that this already happens with Ebay/Amazon/Reddit. What I was thinking is that the SAFE network provides the basic technology to begin to solve this system by taking it out of human control and using a clever algorithm to prevent the problems I mentioned in point (1) and (2). I do have an idea for such an algorithm. I want to reiterate that I have not thought about this for more than a couple days, so there might be some big problems with it, but that’s why I’m hoping you guys can be the devils advocate and try to shoot this down. Let me start off by explaining how I got this idea (please bear with me, I promise this is all leading somewhere!)
There is a website that I use called couchsurfing.org. Basically it’s a community where you can stay at the houses of people who have offered for free while traveling instead of a hotel. I’ve hosted travelers and “surfed” a lot myself. It’s really great. Anyway, the main question that people have about this when I tell them is something like “But how do you know the person who you’re going to stay with is not an axe murderer?” To this I reply, "Well, there is a feedback system, where each time you stay with someone or someone stays with you, you leave a rating on their public profile which either vouches for them (if you had a positive experience) or warns other travelers about this person (if you’ve had a bad time–I never have, but that’s beside the point).
Ok, so this is a fine system and all, but of course if you are very skeptical (which you should be!) then you might say, “Well how do you know that people are not just creating lots of profiles with fake pictures to leave themselves positive feedback?” Well, sure, they could be. So we have just changed the problem from “vetting that person” to “vetting the people who vouched for that person”. Of course we cannot be 100% sure, but if all the people who vouched for someone check out themselves (they have their own positive references, etc.) then can reasonably conclude that the person who they all vouched for is trustworthy? I think so. Well, good enough for couchsurfing anyway.
Bur not good enough for a very resilient system that would be needed for voting/commerce etc. If you’ve followed my train of thought thus far, I’m sure you’re thinking “What would stop someone from creating a whole huge web of profiles, like thousands of them, and then use them all to vouch for each other so that even if you checked all the references several ‘layers’ deep you still would be fooled?” Well, nothing would stop them is they were determined, and that’s the problem. I thought about this, and I realized that it is actually very easy to calculate how many fake profiles you would need to make in order to make web of references that was, let’s say, “n” layers deep, assuming that you insisted on having at a minimum x references for each layer. It’s just x^n. So if you wanted to check 4 layers in (the person => person’s references => each reference’s reference => THOSE reference’s references) with a minimum of 3 vouches, you would end up looking at 3^4 == 81 profiles in total. That’s not really too much, considering that checking 4 layer’s deep is pretty paranoid and we admitted earlier that creating thousands of fake profiles isn’t too hard to do.
But here is the crux of my idea: what if you automated this process in the SAFE network, via some kind of app? Here are the basic rules that the algorithm would follow when a “reputation check” is conducted on a given user (let’s call him Bob).
(1) The app queries, from Bob, the list of all the users that Bob has interacted with (perhaps names hashed to ensure anonymity).
(2) The app RANDOMLY selects a certain number (let’s say 5) of these names (randomness is key!).
(3) The app then takes an average of the ratings that were left from these 5 users… but we’re not done yet (we still need to weight the average based on the credibility of people who left references)
(4) The app sends out an identical query for the contacts of the people with whom EACH OF THESE 5 REFERENCES have interacted, and rates them according to the average of 5 more randomly selected ratings. This process is repeated “n” number of times, until the app has effectively gathered ratings data for a large number of accounts that are in the “tree” that is constructed by this iterating branching => querying process. Due to the exponential nature of this tree, the number accounts could easily number in the thousands.
(5) Now the app can reconstruct, from the bottom up, the weighted average rating of each user in the tree. So, for instance, if the user got a 100% positive rating (from some minimum number of other users) than any upvote that he contributed to the next layer in the tree would be weighted with a coefficient of 1 (the maximum level of credibility). If, however, the user had only 50% positive feedback, his vouching for someone else would be carry a reduced weight–50%–in proportion to how he himself had been rated.
(6) When this tree is followed all the way back up to Bob (the ‘trunk’), the app calculates that final number (derived from all those ratings farther up in branches) and this is Bob’s credibility rating.
Let’s say Bob receives 5/5 positive reviews. But 4 of those reviews are from accounts that are actually fake, and don’t have any reviews themselves. So then those 4 accounts with no reviews don’t contribute to Bob’s rating and so he ends up with only around 20% credibility rating.
It’s really, really, hard to describe this with words, but I hope you’re able to get some idea. In any case, if you’re on the same page with me at this point, you can see how this would require anyone who wants to make a fake account with a good rating to first create an exponentially huge number of other fake accounts and an elaborate tree of fake references in order to establish credibility. In order to prevent circular referencing, the app would compare the ratio of accounts/unique_accounts that it derived from it querying process and, if this number was significantly different from 1, would flag the account in question as a possible fake.
So that, if implemented properly, could solve problem (1). As long as there was some kind of effort (like a simple captcha) to create an account, it would not be worth it to have to create an entire fake tree of self-referencing accounts just to give credibility to one account.
Now for problem (2): how to stop people from leaving unwarranted negative references: If you think about it, the system I’ve described already might solve this problem naturally–since fake accounts (those not backed by a “real” tree of references) would have a weighted voting ability near to zero and thus could not do any damage.
As for issue number (3) (the system itself being abused) I’m counting on the decentralized SAFE network design and programmer’s a lot smarted than me to use cryptography to make this algortihm anonymous and tamper-proof with open source, signed software. Actually that’s why I want to put this post on this forum and not elsewhere–I’m not sure such a system would ever work if you had to trust a server.
Let me sum up by adding that this could offer an elegant solution to the “proof of unique human” problem that I’ve seen you guys discussing elsewhere on this forum. Basically, it all comes down to the fact that a large, non-self referencing tree or real accounts would take so much effort to fake that it would not be worth it. I could see this being used for not only for commerce/trust-assurance but also for voting/moderation functions, where a person’s vote is weighted according to the credibility they’ve established over time through a tree of positive interactions. It is worth pointing out that the voting credibility for a given person would be naturally limited by the system as “one person one vote”, thus precluding the situation of concentrated moderation power with a few users.
There is probably lot’s of holes in this argument, and please let me apologize to you noble people who have suffered through my entire wall of text! In any case, this is just something I had to dump out of my brain onto paper. I really look forward to getting some feedback and I’m hoping you guys can point out problems in this idea that I’m not seeing.