Hey everyone,
Given the recent announcement that we’re finally ready to roll out KYC, and that it will be required for all users creating deployments, I wanted to share a personal note with my take on why we’re doing this and why it’s a good thing for the project.
First and foremost, let me say that I don’t like KYC any more than anyone else. I don’t like getting my ID scanned when I buy a six pack, I don’t want to get my eyes scanned when I fly, and I really feel weird whenever I have to turn on my camera and look a little to the left then a little to the right.
When I joined the ThreeFold community as a farmer four and a half years ago, it never occurred to me that one day I might be fielding questions from the police about some activity originating from my ThreeFold node. Like many people operating our nodes, I didn’t fully understand its capabilities or how users of the network would essentially be borrowing my identity by way of my IP address if they deployed a workload to my node.
Thankfully, I never heard from the police, and I didn’t get a complaint from my ISP either. But a number of ThreeFold farmers haven’t been so lucky. Some have indeed been contacted by the police regarding activity that might have originated from their ThreeFold node. Quite a few have been contacted by their ISP, and in some cases the ISP is threatening to disconnect their internet service unless the issue is remedied.
Since we didn’t do any monitoring of user workloads so far, we didn’t have the data to confirm or deny the suspicion that the activities attracting attention originated from the farmer’s ThreeFold node. Certainly it’s possible there were some false positives, but the cumulative evidence is strong enough to know we already have a real issue today.
Over the years we have had some extensive conversations as a community about the risks facing the ThreeFold network from illegal content and other illegal uses of cloud infrastructure. We’ve also come up with a variety of schemes for how to potentially address these risks. I’ve personally thought a lot about how we can protect farmers while also maximizing privacy for users.
There are various ways that KYC helps with this overall situation. First of all, users who complete KYC are less likely to do anything illegal or unacceptable to ISPs in the first place. Secondly, if something bad does happen and the police get involved, KYC can help to establish that the farmer was not ultimately responsible for the wrongdoing. Finally, KYC means that users who put farmers at risk can be restricted, either from using certain nodes or from using the network as a whole.
I want to expand on that last point, because I think it’s really essential to the value that KYC provides in our context. In the world of computer networks, a Sybil attack is the use of multiple user accounts to compromise a system. Linking accounts to individuals is the most obvious and effective way to prevent Sybil attacks. That’s what KYC does.
The other general approach to address the Sybil issue is to make it expensive to create multiple accounts. This could for example be implemented as a requirement to stake some tokens in order to activate an account. I even suggested an approach like this at some point. The issue though is that it doesn’t resolve the root problem.
Making it expensive to abuse the system is not a robust means to remove abusers from the system. But even with that concern aside, we’d have to agree on a mechanism that actually has teeth. If the user’s stake can always be redeemed after some waiting period, that’s hardly much of a penalty. On the other hand, if their stake can be forfeited, it raises the question of who has the power to do the forfeiting. I suspect that anyone strongly opposed to KYC would also strongly oppose a system whereby ThreeFold holds the power to forfeit a stake on their account.
I’ll stop with that train of thought there, though I hope it’s obvious that we could have long and legitimate debates about all the details of such a system. KYC provides a proven and robust way to link individuals to accounts, and that provides our network with a robust way to remove abusive actors. It helps us solve a real problem we have today, which poses a real threat to the future of the project if it were to escalate.
Now I’ve seen some confusion that KYC is inherently against the core mission of ThreeFold (or what it was stated to be at some time in the past). But we have been very clear that anonymity is not one of our core values. And we have never advertised anonymity as a key feature of the cloud system that ThreeFold’s technology enables.
Our core goal is to develop a peer-to-peer open source cloud that can be deployed by anyone anywhere in the world. We want to help communities and countries to be able to operate their own independent cloud infrastructure. The purpose of the current KYC implementation is to ensure that we have a legally solid and legitimate operation that doesn’t get derailed by unchecked abusive use of the network, and also to ensure that the farmers providing capacity to the network are protected.
Let me close by saying that I’m also troubled by state surveillance and I see there’s a real need for technologies that do provide anonymous communication channels for journalists, whistleblowers, and activists. I think ThreeFold can potentially be a part of that story too, but rejecting KYC entirely isn’t the way.
Cheers,
Scott