This topic contains 4 replies, has 1 voice, and was last updated by James 4 months, 2 weeks ago.
January 5, 2018 at 1:07 pm #5256
I’m a cryptocurrency enthusiast and as a webmaster I think JSEcoin is exactly what we need to diversify income away from ads. But I think you’re making a very big mistake by running it in a centralized, “paypal” manner.
As JSEcoin stands now its administration can create accounts, delete accounts, transfer money, or block transferring money. Essentially all keys are in your hands. This is bad for two reasons.
Uber got hacked. Equifax got hacked. Verizon got hacked. The DNC got hacked. The DHS got hacked and yes, even the Pentagon got hacked. What makes you think you won’t? The only reason JSEcoin hasn’t been hacked yet is because it’s not a big of a target yet. Unless you release a bitcoin-like client and remove power from jsecoin.com you’ll be another Mtgox waiting to happen. In fact there may very well be a trojan already lying on your computers now waiting for the right moment when JSEcoin is convertible to USD before you wake and find every JSEcoin has been transferred and already sold for bitcoin.
What happens when the government orders you to send them the money I owe to the IRS from my JSE account? Or to freeze my funds because I called for an anti-trump rally on my site or published a video of cops shooting a man? What happens if your domain got censored in Russia or China? What if my country got under US sanctions? Decentralization not only protects your users, it removes a very huge burden off your shoulders. Again all these issues haven’t materialized yet because JSEcoin is still a small fish. Can you imagine how things would’ve went had bitcoin.org’s management been running all users wallets today?
Had we been living in a perfect world centralization would’ve been a better alternative in everything not just cryptocurrencies, but we’re not and the world is a very, very messy place. And I fear if you maintain the centralized model JSE will either end abruptly in a big heist or die slowly as it comes under more and more government regulation, with news headlines such as “JSEcoin forced to freeze all Iranian accounts as G8 negotiations fail” and forum comments like “JSEcoin cancelled my account too after ICE complained about my marijuana website despite being legal in Canada!!”.
It’s understandable why you may be reluctant to decentralize. One of your reasons for coming up with JSEcoin in the first place is saving energy and avoiding mining farms and botnets. But this is inevitable. If JSEcoin becomes ubiquitous it will still be a botnet target except victims PCs would now be consuming a bit less energy. Also botnets and mining browsers without visitors consent will continue with or without JSEcoin, and will also remain unacceptable and potentially illegal whether JSEcoin decentralizes or not.
Thank you.January 5, 2018 at 4:27 pm #5257
Sorry for the short post, but I agreeJanuary 5, 2018 at 5:53 pm #5258
JSECoin team already stated on November 11 2017 : “There are advantages and disadvantages to decentralization and in an ideal world we would like to take the best parts and create a hybrid system.”
As you said, decentralising the system is important both for security and somehow legality, but centralisation is also important to their vision as it’s more convenient to provide service to users. I’m pretty sure they will find the perfect technical consensus, don’t worry about it 😉January 6, 2018 at 1:40 am #5259
Worrying about it isn’t the problem. Putting a voice to this suggestion is what Hopeful did. Solutions are what brings results. Let’s find answers to decentralizing and put JSECOIN on the CC map.January 6, 2018 at 7:36 am #5260
Hi Hopeful that’s a great post, thank you for sharing.
I’ll layout our basic plans for a hybrid deccentalised system and then answer each of the queries separately.
We will be integrating with Ethereum via an ERC20 token. Ethereum is decentralized to an extent and investors are generally comfortable with it as they are used to dealing with ERC20 based tokens. Our platform will remain centralised and this is necessary because the web was built in a decentralised manner. Even new technologies such as webRTC and IPFS which claim to be decentralized rely on centralized “relay” servers. This is because 99%+ web based clients are behind a firewall which blocks any incoming connections. So without a major change to the way the web works and how users connect to it no web based platform will ever be able to claim to be fully decentralised. I believe the future of cryptocurrency is going to be deeply integrated with centralized web platforms. Already the majority of users are interacting with decentralized cryptocurrencies with centralized services such as Coinbase, Exchanges, Web Wallets etc. As adoption becomes more mainstream these services are going to become critical to making crypto accessible to non-technical users. There is also a benefit to consumers for centralized platforms. As a thought experiment ask would you be more happy with your Grandma using Paypal or Bitcoin?
So our platform is web based and will always be centralized to some extent. Our integration with Ethereum will allow JSE owners who want to use a decentralized token to be able to withdraw their funds from the platform to an exchange/offline wallet/paper wallet etc.
What we are trying to do is create a hybrid system that takes the best parts of decentralisation and combines them with the benefits of a centralised platform.
Having the platform centralized allows users to connect to a central server jsecoin.com, it also allows for us to carry out more stringent fraud checks.
Ok now on to your specific queries.
1. Hackers – you are absolutely right that this is a major threat to any cryptocurrency or online business. I think we should be planning for when this will happen as opposed to if and I will outline the precautions we are putting in place.
- Bug bounty program
- Business continuity plan
- Fund withdrawal restrictions
- Pin number on withdrawal
- KYC verification
- 3rd party security review and pentest before ICO
- Solidity contract review
- Open sourcing the code base in March
If there’s anything else you think we could do to help mitigate the threat please let me know.
2. Legislation – I have a slightly different view on this that I believe if governments wanted to block a decentralised platform they could. They control our network access so it wouldn’t be particularly technically challenging to block all connections to a peerlist. However I don’t think it would ever get to that because if the major governments start to see cryptocurrencies as a threat they could simply make it illegal and this would deter the vast majority of mainstream users. Without mainstream adoption speculators there would be no utility and no reason for speculative investment. You can see where this would lead I’m sure. Hopefully it will never come to that.
One final thing I would like to say is that I’m not hating on decentralised applications. In theory decentralisation is a magnificent idea with potentially game changing benefits. I do believe that many of the major cryptocurrencies have lost their way a little bit and those benefits are lost to the power of the large mining pools that now control the networks. Hopefully we can create a system which builds on the current systems and is attractive to investors, users and developers alike.
Thanks again for sharing your post.