Discussion about Implementation of protection tools

Development
1

I am really worried that a too complicated protection system will render Bisq unusable.

As a first step, we strongly believe that the trader P2P chat should be implemented along with this proposal so sellers can freely decide how to verify users, and that would be a really helpful feedback on what verification methods should we implement.
from Implementation of protection tools: strengthening Account Age by requiring payments from 2 Bank Accounts · Issue #93 · bisq-network/proposals · GitHub

Such a system may lead to a privacy nightmare like localbitcoin where photos of persons holding their IDs are collected by the sellers. There is a great potential of missue of such an image collection.

In the age of negative interest rates (aka expressed by horrendous account administration charges for having an account) a lot of people rather have fewer accounts. If someone has more than one account he still may choose not to expose more than one account to crypto related stuff if he must fear that the account may be frozen because of his suspicious activity by the bank…

So the question is: What enabled the scam? Insecure bank accounts without 2FA, right? So why not punish such insecure banks accounts in Bisq?

1 Like
2

Yes, understood – those are valid concerns. We’re considering other verification methods in addition to a second bank account, and also making the whole verification thing optional as well.

3

A rating of the bank accounts could be established with a scale like this:

  • AAA: Very strong 2FA with physical device (smard card etc.)
  • AA: Google authenticater (seed could be stolen), Cross-off list (could be copied)
  • A: SMS Europe (country dependend) SIM porting difficult (ID necessary at the vendor shop)
  • BBB:
  • BB: SMS in a country in which no real check is performed for SIM porting
  • B: Default value for unkown bank
  • CCC:
  • CC: None and all banks that were used in the scam

The rating could be managed and changed by the community like any other DAO parameters.

The rating will be transformed and used as an adjustment factor for the growing of the trade limit over time:

  • current limit = min (account age * adjustment factor (AAA=1, CC 0.1) * initial limit value || general max value)

With such a system people that have chosen a more secure bank will be rewarded with a faster upward adjustment of their trading limits.