Payment account age based trade amount limits


#1

We want to follow the idea of the Bitcoin improvement proposal process (BIP).
We call it Bisq improvement proposal.
That should help to get better quality and spot problems before code get shipped.

I added a Bisq improvement proposal for the implementation of a new security feature.
Please have a critical look and provide feedback!


New requirement for payment accounts with charge back risk
#2

I updated quite a lot.
Would appreciate feedback, it has quite a few tricky areas and easy to overlook some potential problems…


#3

Wouldn’t we benefit from having a scheme in naming the BIPs?

Like BIP-XYZZ with
X : The type of BIP improvment/new idea/feature specification…
Y : Modification or new addition
Z : Incremental number of the proposal

A bit like semantic versionnning.

Okay on the proposal contents :

Why not use the bitcoin nonce (or block height) instead of localtime? The computer must be connected to the internet so there must be a way to retrieve the current nonce.

Also since AccountAgeWitness is defacto a pseudo trust score why not think also about an account reputation framework. This blows out any anonymity but since it concerns bank accounts there’s no need for this.


#4

We could add version nr. to the BIPs…

Bitcoin blockheight might have been an idea. Though I am too close to release that I want to change anything now.

Re reputation: I can imagine that we could build more on top of that but I think reputation is problematic:

  • It contradicts with privacy
  • It gives wrong feeling for security and can hardly be really safe (sybil, long con)
  • Security in Bisq seems to be sufficient with existing tools.
  • Decentralized reputation is an unsolved research topic (at least I am not aware of a good solution, OpenBazaar gave up on it as far I have seen).

That said, if needed or if someone comes up with good solutions I am open.


#5

At first I didn’t because it looked like Bisq were becoming a reputation-driven exchange, but now I liked the idea. I have some doubts:

  • All this mess for a planned limit of about 1000$ maybe unnecessary. This expected limit looks very small to me. I’m not a whale, but lately all my trades have been over this limit.
  • Is there a limit on number of trades for a trader with low agewitness? Or at least, an alert of suspicious behavour when a new trader has, let’s say, more than three open trades at a time?
  • This “salt” thing. I think it’s to let users to migrate without losing their grade in agewitness. But I don’t get the word or how that could work. I suppose I’ll wait to see it working to understand better.

#6

Hi Manfred,

I recently had to reinstall my computer and lost my account status which had many trades. So now I’m not able to take some trades. Is there some way I could recover my trading history? I have my previous onion addresses in case that helps.


Trade limit of 0.1875
#7

if you have not done anything on the new installation you can copy over the old data directory and use that for the new installation. but be careful if u have changes (wallet or anything) that would be gone. backup both before any changes…


#8

Assuming I already did a transaction on a new Bisq I should not copy my old Bisq data and I have to wait for 2 months, correct?


#9

I think that is correct, yes. Unless you want to go back to using old Bisq data and withdraw your funds from the new one.


#10

At the accounts there is a salt field. If you want to move an account you need to copy the salt from the old account and use it at the new apps account. Rest of account data need to be the same. That feature allows to move old accounts to new apps without losing the “account age verification”.