Trust-Minimized Distributed Services with Fedimints?
From what I can tell, for Bitcoin, Fedimints look like a great trust-distributed solution to minimizing custodial risk, primarily for individuals who are part of a family or community. However, as alluded to in the Fedimint Primer, one application of Fedimints is in more distributed custodial scenarios, where organizations or groups are not necessarily located close to each other. Perhaps for providing internet based services in such a way that exit scams are extremely difficult and privacy is preserved.
I'm wondering if the following trust-minimized approach could achieve this. It could use two components, a Fedimint instance and a secure messaging system for members and nodes.
The instance of the Fedimint System could be operated by organization members run in a manner similar to any federation, which then can leveraged for secure and private financial transactions.
Then, I image an anonymous messaging mechanism which would be a secure and private communication platform resembling forums or group chats, akin to Signal or similar applications. Group participants are exclusively members of the Fedimint. Members can be certain of each other's membership status in the Fedimint via signings, but, the true identities and locations of other members remain unknown to each other. No communication among members of the group can occur outside the group because they don't know who / where each other are. As such, any collusion or any suspicious communication is easily detectable within the open and transparent group environment. Upon observing any irregularities, members can simply choose to exit the federation with their own funds, avoiding any perceived risk
I'm not totally versed on the current Fedimint software, but I have read that it comes with a built in messaging mechanism, but I'm not sure how strong the privacy / anonymity it has. I imagine getting such a group together in a way that they don't know each other could be a huge challenge.
I'd guess that the security level of such a system would be directly proportional to the degree of anonymity level. Perhaps depending upon the particular use case and amounts of funds involved, it may be overkill. But maybe the needs would be a case by case basic. Almost certainly, it would not be suitable for safeguarding life savings, but I imagine this model can make managing funds for distributed services very private and fairly safe.
I'm wondering if this kind of thing is inevitable to come in some form.
Certainly sounds achievable, but I also need to dig more into Fediment. I really have come around to the idea of both Fedimint & Cashu.
If we think about the types of LOCAL parties that will run the mints, I can certainly imagine community schools or Uncle Jims doing so, they are great to be trusted in that context. Also exciting the ability to make payments offline on Cashu, from blinded signatures.
ONLINE communities will no-doubt appear too, especially when we can automate proof of reserves & proof of membership of the Mint, removing another requirement of trust.
For those interested, this was a great explainer video on Cashu by Calle on WBD (which is similar in ways): https://www.youtube.com/watch?v=kUJmHo990Fk
reply
It seems you're onto why all the federation stuff is bunk...
Keep in mind that it's security model is no different than a large exchange, one who has diverse stakeholders (regulators, customers, management, shareholders etc) with a multisig vault.
Would anonymity of members give it an advantage over exchanges?
That assumes there would be users of an anonymized federation in the first place.
The concept of the federation is to trust a quorum of its members, so why would anyone choose a federation if you don't know who the members are?
This is why the software exists, so affinity scammers can issue debt tokens and pretend it's Bitcoin. Without the affinity, how would you scam people into using your mint?
reply
It uses XMPP for an additional communication protocol under the hood. I have no experience or knowledge about it from a privacy perspective.
reply
0 sats \ 1 reply \ @2 5 Jan
Fedimints seems safer than lightning. I can’t always be online every 5 days. Is the there a risk to being offline using fedimint?
reply
Rugging the multi-sig
reply