Generic value transfer primitive - master thesis

[synctext]

Problem description: architecture and deployment of trustworthy offline value transfer

The financial system is the heart of capitalism. In the online world we now have the Bitcoin open protocol for crypto tokens. No regulated alternative exists with sufficient consumer protection, stability, and state-based value guarantee. Central Bank Digital Currencies are being discussed by the European Central Bank, a digital Euro. You will build upon the Delft University experimental deployment of a digital Euro, turning it into a generic value transfer primitive. Source code

Requirements: The value transfer primitive is required to be a cash replacement :euro: . Value transfers do not require any intermediary. The requirements are to support low-value transactions, offline-first (Internet is optional), and compliance with existing laws. Value transfers may be fully automated in a machine-to-machine economy. A simple scenario is that a Tesla car could use this value transfer to buy or sell battery charge automatically.

This work is ideology driven. This works supports Delft University research towards a reformed financial sector that is more efficient, more effective in serving the wider economy and more resistant to bad behaviour of all kinds, Background reading on bearer instruments and central bank digital currency.

Digital identity is required to open a bank account. Unlimited anonymous money is not compliant with money laundering and anti-terror legislation. The problems with digital identity are unsolved. You will build upon the recent work by Rowdy who deployed a self-sovereign digital identity, eWallet, QR-code scanner, and zero-knowledge proof system. The UK minister of digital infrastructure announced their digital identity and digital trust framework also the Dutch vision on digital identity by our secretary-of-state (in Dutch only). (see also)

This master thesis is part of an incremental effort ongoing for 22 years at Delft University. We are trying to make the Internet more open, free, and fair. We are building open protocols for money, trust, code and data. A generic value transfer primitive is the cornerstone of any online economy. You will be the first to create one that works and scales.

[synctext]

Rough timeline (tentative)

• 1-2 months: read background, compile prior code, understand ID,wallet and CBDC
• 2 months: participate in design team of Digitale Bron Identiteit (Deliver a report, English thesis appendix)
• 5 months: value transfer primitive

[synctext]

Update on 30 March 2021. Many students are contributing to Superapp: 1) Machine Learning, 2) multi-sig Bitcoin, 3) liquidity pool Euro-Bitcoin 4) liquidity pool Bitcoin-Ethereum

Brainstorming on concrete directions:

• Reliable messaging of money to any identity (WhatsApp4Money)
• Generic Wallet (Euro,Bitcoin,Ethereum,Tribo), trust function and transfer primitive
• non-monetary value transfer: "this identity is a real person and trustworthy"
• Finality of transfers with unreliable message transfers
• DAO route with multi-sig Schnorr digital Euro
• International trail with Sweden, Germany

ToDo first sprint: get the superapp going from the sources. Start a Euro gateway. Understand the decentral social network: peerchat.

[synctext]

2nd Brainstorming on concrete directions:

• work towards concrete use-case that fully works
• either conduct mini-trail or not. No big trail.
• Focus on the reliability aspect (finality,code quality, message delivery)
• Experienced graphics designer! Making things look good
• Information exchange, ID validation, only revealing minimum of attributes
• Sending money to validated identities and validated business entities
  • public key registry
  • broad view
  • reliability aspect & polish
  • customer journey

Some related developments: Multi-sig server for Superapp: taproot.tribler.org

digital offline Euro... "The analysis confirms, by and large, our initial findings: what the public and professionals want the most from such a digital currency is privacy (43%), followed by security (18%), the ability to pay across the euro area (11%), no additional costs (9%) and offline usability (8%).", https://www.ecb.europa.eu/press/pr/date/2021/html/ecb.pr210414~ca3013c852.en.html

China and the race for the future of money. "China started with several urban pilots of the digital RMB—known formally as digital currency electronic payments (DCEP)—and is studying moves to broaden the trial to additional areas. DCEP is a fully digital version of the RMB, downloaded using authorised apps (digital wallets). The currency may incorporate secure technologies such as blockchain, as well as near-field communication (NFC) capabilities that allow offline money transfers when two wallets (typically mobile devices) touch.", https://www.pwc.com/gx/en/issues/reinventing-the-future/take-on-tomorrow/china-future-money.html also https://www.coindesk.com/goldman-sachs-digital-yuan-report

“States risk ceding control over many areas of finance and the economy to the private companies that dominate the digital space. Leading technology companies will entrench their monopoly positions, drawing on financial resources and superior engineering capacities. The monopoly on data held by third parties will continue to pose increasing risks of manipulation and criminal use of personal information. Privacy and the ethical use of data are key topics to be addressed by law enforcement, legislators and policy makers.” https://www.europol.europa.eu/activities-services/main-reports/european-union-serious-and-organised-crime-threat-assessment

[synctext]

To discuss: file transfer progress bar. (https://github.com/Tribler/tribler/issues/6023#issuecomment-828205116)

[jwbambacht]

First version problem description.

ProblemDescription.pdf

[synctext]

• Solid start of first thesis material!
  • Problem description needs bit more related work (SSI, DBI, CBDC,24 cent cost of PIN, ECB policy, etc.)
  • converting real money from a bank to digital cash in the form of EuroTokens, actually the central bank money is the more real money. Bank can legally print their own money through solid accounting magic :euro: :mage_man: :euro:
  • Players (e.g. like banks) are not to blame, but the ecosystem creates systemic fragility
  • Disconnect money transfers from banks. Banks with appetite for risk or weak AML are not critical to ecosystem. Never too big to fail. Shield consumers and economy.
  • storytelling in pictures make it somehow less scientific.
• Stopping all manual processes, straight-through digital processing and achieve a unbelievable 100x drop in payment infrastructure cost.
• Do you want the current US-based monopolists or you prefer a European-grown monopoly
• The Big Picture: create decentral economy with several generations of numerous master thesis students
• Generic value transfer primitives
  • Addressbook, validated public keys
  • Secure connection setup
  • Peerchat (whatsapp) interaction paradigm
  • Incoming messages, photos, videos, money, contracts, and files in general.
• Prior SSI work, generic framework for attestations: https://github.com/Tribler/tribler/issues/4461
• The EuroToken gateway not yet working! @rwblokzijl
• Thesis focus on reliability and security (PKI that actually works)?
  • QR codes
  • File transfer
  • DHT reliability
  • Connectability
  • Proxy bandwidth
• Related work reading and document by extending your .PDF document.
  • Science paper: http://www.ifaamas.org/Proceedings/aamas2021/pdfs/p1037.pdf

[jwbambacht]

Example App Sketch

[rwblokzijl]

I can help getting the EuroToken code to work. Do you have any way i can reach you?

[jwbambacht]

Updated version of problem description and a start on state of the art.

ProblemDescription_02-06-2021.pdf

[synctext]

Feel free to make it stronger, if you feel that way. You can keep it in this more "boring"/rational manner. Activism is OK at a university.

Within Tribler team we are interested to the point of obsession with monopolies: I. the financial system with the free money creation monopoly; II. global media and news organisation with structural bias, state-censorship, and fake news. III. Platform power with Google, Facebook, and Amazon with anti-competitive behaviour, winner-takes-all dynamics where competitive pressure has failed.

Opening line of problem description could be: the current financial system and digital economy is structurally unfair to citizens. Governments have failed to protect "consumer welfare". Citizens and economic actors have no alternative to banking services, Big Tech and their anti-competitive practices [1; 2]. This thesis contributes to a reformed financial/tech sector that is more efficient (I.), more effective in serving the wider economy (II.) and more resistant to bad behaviour of all kinds (III.).

Our first motivating example of market failure is the WhatsApp messaging platforms. [etc etc] Whatsapp failing terms-of-service. Competitor based on openness Signal has barriers to market entry, no network effect, compete against closed protocol. Whatsapp has stickyness, like Hotel California, you can install, but never leave. Unfortunately citizens are powerless in this uncompetitive market. Governments need to actively support Adversarial Interoperability. This thesis indirectly contributes to such efforts.

Cardinal financial primitive (idea for thesis core): arbitrary amount of Euros, arbitrary sized binary blob, and proof-of-existence (hash(Tx)) of this transaction on your personal Trustchain. Generic function to move both valuable information (euro=0), monetary value (blob=0), or financial transaction enriched with information (nothing=0). Generic in the sense that its a multi-currency transfer primitive (Bitcoin,Euro, Ethereum or Tether scam coins).

Comments Figure 2: Public key encryption and decryption. No tutorial inside thesis, just replace all those sections with a single [REF]. Please use the term wallet when talking about this.

ToDo: update Chapter 2, replace readable normal people speak with scientific sounding terms and more compressed formulation, Android hardware procured, coding steps. For instant pleasant experience; testnet for Euros, faucet with 10 Euros upon install, every user can instantly play with all features, plus existing Bitcoin testnet faucet.

Current thesis scoping: Reliable enough for money, flawless inter-SSI communication, contract signatures, citizen identities, ~~legal entity representation~~ (optional), ~~legally-binding business signatures~~ (optional2), and generic value transfer primitive.

Month	Description
March	start - Problem description: architecture and deployment of trustworthy offline value transfer
June	bootstrapped - compile code, run own hardware, 11-page thesis draft
Sep	feature freeze of value transfer in Superapp, start focus on reliability
Dec	Reliability testing infrastructure complete, documented reliability fixes, and scientific results ready (idea)
Jan	Thesis DONE

Everything comes together in your impressive design: identity personas, authority interactions, chat messages, and financial transactions. <IMG src="https://user-images.githubusercontent.com/325224/120616802-d1726280-c459-11eb-8233-c2312de9aa8f.png" width=230>

[jwbambacht]

Questions for this iteration:

• ~~conventional identity to digital identity adding/importing possible solution:~~ ~~1. show QRcode containing public key~~ ~~2. let the 3rd party (or other device) scan the QRcode~~ ~~3. conventional identity provider (or other device) creates a QRcode containing identity data encrypted using public key~~ ~~4. scan the created QRcode and decrypt using private key~~ ~~5. insert data in identity store~~
• ~~ideally an identity will always have the same public key for recoverability and consistency purposes. How to ensure that an identity will always map to the same public key? Give the user an seed phrase for instance after first initialization? What to do when the user does not know this phrase anymore? A seed phrase that is derived from the identity information can be mimicked by a malicious actor, which therefore can access the user's account. Can we expect the user is responsible for to keep it save and stored somewhere?~~
• ~~change public key of device in superapp to match personal identity public key~~
• chats between identities not on the chain due to privacy concerns

Screenshots of current iteration of app. Real running code, awaiting PR.

See more screenshots. Click to expand!

[synctext]

The thesis work is progressing nicely. Running code is looking great! We need to balance thesis direction:

1. value transfer primitive
2. Technical debt and refactoring (current focus: boost architecture cleanness, GUI, polish UX) Related work "Refactoring, Bug Fixing, and New Development Effect on Technical Debt: An Industrial Case Study"
3. Reliability testing infrastructure
4. identify faults in Trustchain and IPv8, 99% reliability. Enhancing algorithms towards 99.999% reliability. (

• "let the 3rd party (or other device) scan the QRcode", lets keep this out-of-scope and keep-as-is
• Put your current work into Pull Request this sprint?
• ToDo recommendation: spend 1+ week on https://github.com/budtmo/docker-android
  1. running locally
  2. run Superapp
  3. Superapp networking works
  4. multiple Superapps communicate

[jwbambacht]

The current iteration of the app. Identity and contacts/chats implemented for the biggest part. Attestations loaded from the database can be viewed as well. Adding/verifying attestations is on the to-do list. The exchange part must be implemented completely. <IMG src="https://user-images.githubusercontent.com/31626076/124653817-0e3cd980-de9e-11eb-9c88-d9dcb4fe79c2.gif" width=350>

Have been struggling to get docker-android going. A lot of errors and problems come up during the process. There is also a lack of documentation on how to set it up properly. I'll spend more time in the coming weeks. It was hard to spend more than a couple of hours at once due to frustration.

[synctext]

• Exact thesis direction, usability test with (25 -) 50 people? Android docker less good fit.
• Usability test with 39 users done within context of Bsc thesis on SSI with 5 students, the specific report is here: https://github.com/Tribler/tribler/files/6736098/A_Universal_Framework_for_Claim_Portability_in_Self_Sovereign_Identity_Applications.pdf
• Software architecture
  • usage of own app inside Superapp
  • all SSI and Peerchat code is self-developed and re-uses as much as possible
• Possible storyline for thesis. This thesis matures the existing ideas around identity into primitives for an automated digital society. Building blocks are self-sovereign identity, verifiable claims, authenticated communication with perfect forward secrecy, cloud-free personalised chat, programmable money, and a universal European wallet. This thesis presents the first Internet-deployed system which brings such a wealth of functionality together. Cardinal challenge is the integration and usability of an unprecedented range of primitives: identity, money, and self-determination. Furthermore, our elements are meticulously designed to evolve into an Decentralised Autonomous Organisation in coming decade as future work.
• ToDo:
  • App prototyping period (short)
  • App improvement cycles (4 or 6 rounds?) using real-world usage (thesis core)
  • Feedback from government stakeholders, like this author Cem: https://www.linkedin.com/pulse/deelnemen-aan-een-ico-tips-uit-de-praktijk-cem-adiyaman/
  • For European Commission communication, replace American identity in .GIF with EU-based ID

[synctext]

Note, about the ID wallet. Please consider adding TUDelft+logo as an issuer of diplomas. We can easily issue course credits in a live trail. 1 Oct 2021 the European Commission is collecting prototypes from many EU teams, their focus is cross-border diploma validity, see page 27: https://northsearegion.eu/media/16680/ebsi-explained-by-daniel-du-seuil.pdf

[jwbambacht]

The current iteration of the app. Added the exchange section, but is still a bit rough and sometimes not displaying the correct information. Options to transfer money by QR-code or directly to contact and request added. Contacts changed slightly, including ability to remove contacts and conversations. Identity now includes complementary attributes like address, email, .etc. These attributes can at a later point be shared within a chat or through QR-code. They are however not 'legal' attributes of an identity.

[synctext]

Feedback :

• Format of thesis in general classical 50-60 pages or use the scientific format of 12-pages IEEE density. Examples:
  • https://github.com/Tribler/tribler/files/6806948/Thesis-Draft-13-07-21.pdf
  • https://github.com/Tribler/tribler/issues/5221
• For thesis chapter "Problem Description":
  • what problem is addressed with the app?
  • When can you conclude that your app is perfect
  • Related work for exemplary usability research?
    • https://scholar.google.com/scholar?q=task+completion+time+usability
    • https://scholar.google.com/scholar?q=%22understanding%22+user+experience
• How generic is your fabric, easy to integrate diploma attestations or Corona QR codes (+x509 PKI-O certificate)? https://github.com/minvws/nl-covid19-coronacheck-provider-docs/blob/main/docs/providing-events-by-digid.md
• How to approach the core of the thesis: confront your code with reality
  • (small) print on cardboard and ask questions
  • (huge) put on Android store, invite Tweakers, and fill in surveymonkey
  • (debug) test internally to fix bugs
  • (scientific) iterate, identity painpoints, improve. Incrementally expand testing group when proven ready for it.
• ToDo: publish your work. Post .APK in a .zip file on this issue. (preferably re-named)

Month	Description
Sep	feature freeze of Superapp
Oct	First field test
Dec	Final iteration
Jan	Thesis DONE

[jwbambacht]

Attached is a zip file containing a (signed) apk that can be installed as a separate trustchain application (link)

[jwbambacht]

Big update to the app. Many new features are implemented, including interface changes and optimizations. See the (not exhaustive) list of updates below and a gif of screenshots:

• Many attachments can be sent between contacts in chats.
• Identity attributes can be created, modified, and shared with other contacts using the chat
• Attestations are implemented completely based on the work of Rowdy.
• Transactions between contacts and buy/sell from/to the online exchange portal are implemented. However, the eurotoken system is a bit buggy: -- often the balance is unvalidated that will get validated somewhere in the future. Sometimes manually verifying the balance or obtaining eurotokens from the online exchange portal results in a validated balance -- eurotokens that are sent to offline contacts will not be received automatically. The message that a transaction has been sent is received by the receiver, so a feature has been implemented that displays an error when a transaction is not received properly. The sender is also able to push resend in the chat when it has not been received yet.
• A QR-code scanner that automatically recognizes any QR code within the application has been implemented. The user can therefore use the scanner instead of having to browse to the correct fragment and click the right button to initiate a scan.

An updated (signed) apk can be downloaded in a zip file here. The application will be installed as a separate trustchain application.

[synctext]

Amazing progress this summer! We now have the following inside the superapp:

• Self-Sovereign Identity
  • :heavy_check_mark: Key management
  • :heavy_check_mark: Identity wallet
  • :heavy_check_mark: Verifiable claims in QR codes
  • :heavy_check_mark: Zero-knowledge proofs and attestations
  • :heavy_check_mark: Real-time and offline revocations
  • :heavy_check_mark: Attribute sharing: name, address, location, and personal data vault entries
  • :heavy_check_mark: No central point of failure, robust, disaster-proof (fully decentralised)
  • :heavy_check_mark: European Commission EBSI v2 integration
  • :x: Personal information is always encrypted and protected
• EuroToken
  • :heavy_check_mark: Digital wallet
  • :heavy_check_mark: Send money in real-time chats
  • :heavy_check_mark: Offline transfers between wallets
  • :heavy_check_mark: Gateway for Euro to EuroToken conversion
  • :heavy_check_mark: Existing IBAN integration (TIKKIE)
  • :heavy_check_mark: No central point of failure, robust, no fragile DiD "central resolver", disaster-proof (fully decentralised)
  • :heavy_check_mark: Optional central transaction monitoring for compliance with money laundering legislation
  • :x: Field trail with legal compliance (KYC,ALM)
• Social Networking
  • :heavy_check_mark: Address book of friend and contacts
  • :heavy_check_mark: Sharing of verified identities of friends
  • :heavy_check_mark: Sharing of any data with friends (Unicode, emoji, pictures attestations,location, and Euros)
  • :heavy_check_mark: Real-time messaging with contacts
  • :x: Group messaging with multiple contacts
  • :x: Compatibility with Facebook Instant Messaging
• Ecosystem
  • :heavy_check_mark: Non-profit open ecosystem on Github
  • :heavy_check_mark: Open Source without any exceptions
  • :heavy_check_mark: Permissionless innovation
  • :heavy_check_mark: Unbounded scalability (e.g. all citizens of European Union)
  • :heavy_check_mark: Zero cloud infrastructure, GDPR compliant, fully decentralised

Planned next weeks steps: Pull Request 2 September at the latest, unit testing https://github.com/Tribler/trustchain-superapp/actions ~~prepare usability study~~ ???Thesis scope: consolidation, integration, and refactoring of years of isolated prototypes into a single deployment-ready economic stack???

[jwbambacht]

Pull request is merged!

[jwbambacht]

New signed alternative apk of current version of the app. The merged version also contained an error when trying to send money. (apk)

Most of the time is spent trying to fix the errors for the pull request. Since I had no proper experience within an organization and forking this process took more time than wanted. Changes made to app in apk above:

• removal of word "passport" in text
• no special symbol for eurotoken but instead the euro symbol
• theme switching to include a light and more general color scheme
• some minor fixes and changes

[synctext]

Open question:

• do a field trail with merely 4 people. Take photos, document discovered issues, and fix. Compress to 3 weeks of effort.
• Leave maximum time to make a minimal viable WhatsApp alternative. :partying_face: :balloon: :partying_face:
  • feature complete: notifications when not inside the app
  • take photo and share (like whatsapp) ?
  • Release to Tweakers for (abusive) testing?
• https://i.blackhat.com/USA-19/Wednesday/us-19-Zaikin-Reverse-Engineering-WhatsApp-Encryption-For-Chat-Manipulation-And-More.pdf
• https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint and https://github.com/mgp25/Instagram-API
• clean room code implementation
• Example of permissionless innovation: send an actual digital Euro between two Whats-app compatible open source clients.
• :x: unit testing :x: quality assurance

[jwbambacht]

New version attached. (apk)

• Green theme discarded and dark theme added
• Notifications added for any type of attachment and transactions. Clicking on notification will direct to the fragment
• Chats can be archived, muted, and even blocked. Notifications are only received for unarchived, unmuted, and unblocked chats. Blocked chats do not receive any messages at all, but will still receive transactions.
• Bottom dialog for options make sure that less unnecessary information is on the screen
• Settings fragment that allows to choose theme, see notification status of messages and transactions and in a future version will also include information like GDPR disclaimer
• Take a photo from camera and directly sent in chat (should still be compressed though)

Todo:

• Font size adjustability yet to figure out how to do.
• Performance when opening chat

[synctext]

Prior student work from 2018. NFC scan of passport https://github.com/Tribler/tribler/issues/2918#issuecomment-299701239 Also Retrieved signed data 3 with pop-up of BSN from datagroup 1 of passport Crypto library for passport EC curves (ECDSA Brainpool support) https://github.com/weidai11/cryptopp <IMG src="https://user-images.githubusercontent.com/325224/135588111-55a8473a-1403-4bba-b141-b5285ec6921a.png" width=160> Code link: https://github.com/digital-voting-pass/polling-station-app/blob/master/app/src/main/java/com/digitalvotingpass/passportconnection/PassportConActivity.java#L151

@drew2a you have a link to the code which in Python does the reliable binary transfer around IPv8? Answer: https://github.com/Tribler/tribler/blob/main/src/tribler-core/tribler_core/modules/remote_query_community/eva_protocol.py

Reminder: transferring money (and photos) should work reliably. Critical for a public launch (Tweakers?). Future sprint: problem description V1?

[jwbambacht]

digital voting pass

[jwbambacht]

New version of the app (apk)

This version includes the onboarding of a passport. An identity is set to be verified when both the camera and NFC chip are used to import the identity. All details are gathered from the biometric chip, so the possibility of forging is very small. When NFC is not supported on the device the details are scanned by the camera only. Since someone can forge this themselves, the identity is set to not verified. Verified users cannot change any identity details afterwards. Unverified users can only change their given names and surname since this is unchecked during the scan and can contain mistakes. The other details are directly gathered from the camera and are validated using the check digits on the document. A future update will include the verification status and name of identity within a sent message so the receiver is sure that he is talking to a real identity.

[synctext]

Next Sprint. Make your app production-ready? Robust data transfer primitive, transfer progress bar for uploading, downloading, and error handling. Translate Python into Kotlin: https://github.com/Tribler/tribler/blob/main/src/tribler-core/tribler_core/modules/remote_query_community/eva_protocol.py

Storyline still valid I believe, "from SSI to DAO", https://github.com/Tribler/tribler/issues/6029#issuecomment-875355470 10-page IEEE 2-Column format of thesis (writing sprint?).

[jwbambacht]

New apk to use tomorrow https://bit.ly/3vEohA9

This version includes identity importing, automatic transfer of identity name, verification status, and profile image by chat. By tapping the name of the contact in the action bar a dialog opens displaying relevant information of the contact.

[jwbambacht]

New version apk (apk)

In this version, the following features are added:

• Slight internal modifications to the identity onboarding process
• Every message contains some info about the sender: identity initials + surname, verification status, and profile image hash. This can be used to build trust with your contact, especially when not connected in person. Still to do: show when identity information changed.
• Action bar now contains profile image, nickname, verification status, connected status.
• Ability to transfer profile image to/from contact. This happens automatically under the hood. Every message contains the hash of the current profile image. Upon receipt of a message, it is checked whether this is up2date. If not, a request to send the profile image is sent. Upon receipt of a request, the profile image is compressed and sent. Possible settings option to disable sharing of profile image due to privacy???
• Initially, the picture from a passport/ID card is used as a profile picture. It is also possible to modify it to something different.
• When in chat you can now click on the action bar (profile image, name, or subtitle) to show a dialog with more information about the contact. You can also give the contact a nickname such that the identity name is not directly used.
• Modified notifications to include internal clickable notifications when the user has opened the app.

Still todo: proper friend request, some fixes to the notification system, show when identity information changed.

[synctext]

Thesis work nearing completion :clap: :tada: Final feature the file transfer (250MByte example). Writing. Take 5 working days for the user evaluation chapter. This thesis is the first exploratory study into the societal infrastructure for identity, trust, money, and data. Cornerstone of any online economy. You will be the first to create one that works and scales. Creating societal infrastructure which is decentralised and anti-fragile is seen as essential due to our learnings from Covid crisis.

Brainstorm... Recruit 4 people from ministries and financial regulators. Measure task completion time for:

• Installing and start. Give them a paper card with name of app to install
• add passport or ID. Give them a paper card "please verify your identity using a government-issued form of ID"
• chat with friend. Give them a paper card with QR code of a friend.
• share photo. Give them a paper card "send photo of this to your friend"
• share phone. Give them a paper card "add your phone number as an identity attribute and send to your friend"
• money. Give them a paper card "request 128 Euro from this friend"

[jwbambacht]

Since the last meeting have been enjoying a (well deserved) holiday and focused on writing the journal article. Had some difficulties getting started in the beginning, but finally managed to get going. It is still a work in progress and there's probably too much text in the introduction, but I will look at what to do with that at a later point in time.

Article_22_11_2021.pdf

Did not do much on the app this sprint. I've however come up with a name: ConfIDapp. A mix of: Confido (trust in Latin), ID, Dapp: Decentralized Application.

[synctext]

Review of https://github.com/Tribler/tribler/files/7584365/Article_22_11_2021.pdf

• Excellent progress again :clap:
• Study the IEEE master thesis format
  • paper-inside-thesis format used commonly by pattern recognition research group.
  • A second example of a thesis that combines (a) a paper with (b) supplementary material is: https://repository.tudelft.nl/islandora/object/uuid%3A2e793ece-4572-4bb6-83e3-541be467cb4f
  • IEEE Thesis example from our own lab completed and in official repository.
  • Plus Rowdy his SSI thesis work: https://repository.tudelft.nl/islandora/object/uuid:32711378-2f6f-452e-b65c-1866c471e934
• "These platforms abuse the users’ private data by making them the product to earn money and gain company value.", great point. Jumping between topics here. Start with this issue in abstract and explain it more slowly. This complex sentence aims to explains 3-4 things, too much.
• "Current messaging platforms not only violate privacy awareness of its owners but also have no proper way to enforce trust between participants."; Big Tech platforms in general have this hurtful impact on society.
• "Privacy is mostly fulfilled by the data only traversing the network without making an intermediate stop at the platforms central server", poor indirect formulation.
• "Trust is an integral part when it comes to online communication, especially with involvement of money transfer." poor reader has no idea what you mean. Dollars, Euros, Bitcoins, stable coins or CBDC. No intro sentence.
• "The introduction of CBDC’s does not contribute to this problem." Make every sentence precise. Are you talking about contributing to the problem or adding to a solution?
• "Cash payments will eventually disappear in the future." Citation needed.
• Problem description about SSI or about how "Identity, Trust, Money, and Data" could be supported by a unifying {wallet} paradigm and single system architecture. is this a 'problem' in your scope: https://en.wikipedia.org/wiki/List_of_data_breaches?
• "This is the first work that presents a societal decentralized infrastructure that combines identity with the enforcement of trust and the transfer of money and data" either an intro remark or design opening line. Not here. Or say: currently no design has been proposed for the... We believe our proposal is the first realistic proposal.. and the first Internet-deployed operational prototype...
• Big Tech rules only in 'the West'. Alternatives are a single open platform, not proprietary platforms with user lock-in. Explain (briefly) why mobile Internet is best defined as a single ecosystem for everything. Then the unifying paradigm is proven to be messaging, according to digital economy of China: https://www.boyden.com/media/why-wechat-is-dominating-the-mobile-internet-600010/index.html
• Final figure of IEEE article: performance analysis of file transfer (250MByte example; prior Python code example).

[synctext]

What is the cardinal related work? Metamask seems to come close, quite mature app and combines several paradigms (ID,wallet,DeFi,exchanges,embedded browser,dApps, etc). Architecture on Github details: https://github.com/MetaMask/metamask-mobile/blob/949368384751c1379efc83e6a1a1a7070900c4b0/architecture.svg

[jwbambacht]

Updated version of the app (zip).

• Mainly worked on implementing the EVA protocol into the TrustChain application, which is working as expected after some necessary python-Kotlin code translations. The PeerChat community now applies the EVA protocol by default for the transfer of (larger) binary attachments like images. Simple serialized attachments only containing text still use the default IPv8 method. Currently set the window size of the protocol to 64 as it feels like the performance was the best, but I need a more thorough performance analysis to find the optimal window size (if time would allow it). It may be interesting to see if that a single optimal value can be found for different connection compositions as well: wifi-to-wifi, wifi-to-4g, and 4g-to-4g. This would also be a contribution to the paper. I expected the transfer speeds to be a little bit faster. Hopefully finding an optimal window size (and possibly tuning the other parameters as well) help improve the performance of the protocol.
• In a chat within ConfIDapp the file size and downloading progress can be tracked to get more insight into the download process. Since IPv8 only supports one concurrent transfer other transfers will be scheduled to be downloaded after the current file has been transferred. Currently, only photos can be transferred, but I will implement the transfer of any(?) filetype as well.
• Within a chat it is now recognized when the identity of the contact has changed. The identity information that has changed will be displayed in the chat when the identity is determined initially and when it has changed during a conversation. The change will only be recognized when the contact sends a message to you, due to privacy concerns.
• Some minor changes to the app and have been working on a proper friend request scheme that includes identity information for trust enforcement.

No progress has been made with the paper since implementing the EVA protocol took quite some time. For the next sprint, I'm planning to spend about half of the time to the paper.

[synctext]

• Murphy effect: py-ipv8 code accidentally deleted, demo going wrong :hammer: :face_with_head_bandage:
• Positive news: EVA worked!
• Main thesis elements completed, now only polish + :writing_hand: remains
• Window size scientific background material. Make a few graphs for thesis. (above mentioned: 250MByte example)
• EVA is limited to 1 ongoing file transfer. Implementation completed of a queue with "scheduled" file transfer.
• Master thesis related work section: screenshot(s).
• This is much bigger than the GDPR, more like "The Euro Project" in size. Very much under the radar of many people: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021H0946 :id: :eu: the European ID Toolbox
• ToDo: push to mainline for Robbert to continue on EuroToken

Web3 complete reading list (ongoing editing with new discovered stuff)

• Master thesis storyline "ID, trust, money, data, and AI" in Web3 context:
• https://www.psl.com/feed-posts/web3-engineer-take
• https://networked.substack.com/p/web3-i-have-my-daots
• https://cdixon.org/2018/02/18/why-decentralization-matters
• https://www.thediff.co/p/the-promise-and-paradox-of-decentralization
• https://www.chris-granger.com/2021/12/09/is-web3-anything/
• https://www.ietf.org/archive/id/draft-nottingham-avoiding-internet-centralization-00.html#name-introduction
• https://www.oreilly.com/radar/why-its-too-early-to-get-excited-about-web3/
• https://blog.wesleyac.com/posts/web3-centralized
• https://moxie.org/2022/01/07/web3-first-impressions.html by Moxie!!
• https://future.a16z.com/web3-decentralization-models-framework-principles-how-to/
• Negative Web3 writings:
  • Fake Decentralisation: "tax on wealth that the rich wouldn’t be able to evade", The removal of capitalism would help prevent the long-term centralization of a digital currency, so I think it’s a topic worth exploring, even if you dislike non-capitalist economies or stan the free market. (echo of 'preservation of centralisation law')
  • https://yesterweb.org/no-to-web3/

[jwbambacht]

New version of app that has an updated EVA protocol for a massive increase in transfer speed.

https://filebin.net/kijjf087lr6u43j2

[jwbambacht]

New sprint, new apk https://filebin.net/8320ndukryz5zu3w, updated article Article_4_1_2022.pdf, and poster for next week Poster - Web3 Identity v1.pdf.

• Created a poster for next week. Feedback is appreciated 😄.
• Article title changed to include Web3 instead of ConfIDapp. Also included the section Experimental Analysis. The rest of the article hasn't been changed yet.
• Primarily focused on improving the EVA protocol, which I think was successful. I'm not sure what the transfer speed of the first version of the Kotlin EVA protocol was, but the updated version is much faster and reached about 215kB/s on average.
• Created an EVA Test class and debug mode for the EVA protocol that logs a file on the phone storage. Executed an experimental analysis, processed the data in Python, and started reporting it in the article. Is it also interesting to include the transfer speed of PeerChat from before using the EVA protocol as this was extremely slow and unpredictable?
• App now contains a media gallery to browse and view images and files, and even has the possibility to zoom images.
• App can now send any file of the following mimeTypes: application/, video/, text/plain. Only images can be opened within the app.
• App can now download images and files to phone storage.
• App has an improved location view with Google Maps integration. To send a location, the user can choose its current location or drop a pin on the map. A received location can now be viewed within the app.

[synctext]

• Great first draft of poster. Internet-deployed: https://play.google.com/store/apps/details?id=nl.tudelft.trustchain
• Your paper does not mention this is "server-free infrastructure", see my prior example on such a storyline.
• Zero-server technology stack for ID, trust, money and data
• EVA protocol is first ever instance of app-to-app communication which is zero-server and performant.
  • Transfer of bits without any centrality
  • Bit can represent any value transfer or data movement
  • Foundational building block for the future of the Internet: Web3
  • First principles: identity, trust, and permissionless
• "The runtime of the tests for each window size and block size", we tested upto the maximum valid IPv8 packet payload (ethernet-UPD-IPv8;1500-8-176??)
• code upload!
• Next step is to pick a target date for msc defense with committee members

[jwbambacht]

New update to the article. Article_21_01_22.pdf

[synctext]

:+1: Getting ready for defence soon :+1:

• Abstract is now dominated by negativity, please discuss your solution at length.
• Introduction is missing remarks like 'these organisation have proven to be borderline incompetent at protecting all this hoard of private information'. Commercial entities have an incentive to minimise spending on cybersecurity. https://www.zdnet.com/article/the-biggest-data-breaches-of-2021/
• DigiD and IRMA are very Dutch, more international: https://medium.com/amber-group/decentralized-identity-passport-to-web3-d3373479268a
• Add citation: "enormous amount of money as every successful authentication costs"
• you selected the conversational interface paradigm. Explain, motivate, and discuss alternatives {briefly} https://link.springer.com/content/pdf/10.1007/978-3-319-32967-3.pdf
• Personal info SQL storage in encrypted or plain-text storage form? (document) "not a commercial product, so plain-text and simple"
• Same negativity as earlier: 'the global financial infrastructure is failing to provide real-time cross-border payment' 'financial infrastructure is dominated by a select few monopoly players with high profits and near-zero innovation.' "Central Bank Digital Currency (CBDC). " no mention or citation of digital Euro roadmap.
• "E. Data" Big Tech now owns your data. https://ec.europa.eu/info/strategy/priorities-2019-2024/europe-fit-digital-age/digital-markets-act-ensuring-fair-and-open-digital-markets_en
• What did you spend time on during implementation phase? Also described? 'screen navigation'

[jwbambacht]

digid costs

[jwbambacht]

Thesis in the correct format. Thesis_3_2_22.pdf

[synctext]

Solid progress! Getting ready to pick a defence date. Quick scan only:

• please also submit here before your defense and please list me as a co-author
• Figures can be further polished; try to use a single graphical style
• Measurement results are bit too small to understand

[jwbambacht]

Final draft of the thesis Thesis_7_2_22.pdf

[synctext]

• Polish phase beginning!
• 12MByte thesis, compress the picture with 50% perhaps?
• Small textual polish required: "Ownership of identities is generally with governments."; "societal platforms"? Uncompromising citizen-centric
• Its very well hidden in abstract: induce disruption across society by empowering citizens and take back control. Societal infrastructure. Clearer and sharper like:
  1. Citizens are locked into Big Tech for personal data storage and their for-profit digital identity.
  2. Citizens do not owns their passport. The European Commission is aiming to transition this govenrment property towards to self-sovereign identity.
  3. Citizens are no longer locked into a bank with non-portable IBAN accounts numbering, legacy banking infrastructure becomes unsustainable, migration to an all-digital low-fraud infrastructure, and healthier competitive marketplace.
• "The current digital infrastructure and financial system are unfit and structurally unfair to citizens" more powerful version: 'The online world is structurally unfair to citizens.'

[synctext]

File of 10MB, normalised to 5 MByte Also, to verify the independence of the file size of the transfer, the experiment is executed for a file size of 5MB and 10MB (and normalized to 5MB for comparison).

Please only use 250MByte files everywhere. And note in the text that you tested other files sizes, and confirm that this parameter has no influence. No need to show lots of uninteresting figures, right?

Fig. 13: Evaluation of the performance of a transfer of 250MB The exact reason for this is unknown, but it is expected to be some limitation in IPv8.

This is very poor performance. 90% or something is lost. These GHz devices and their 4G and/or Wifi5 transfers can do more. Fix, explain or document please.

[jwbambacht]

Updated draft Thesis_17_02_22.pdf

EVA kotlin tests

[synctext]

Solid tuning! Getting ready for defence. <IMG src=https://user-images.githubusercontent.com/325224/154455589-18b1c79b-c147-4f23-945b-8eddae37bcef.png width=300> The maximum parameter settings are big blocks (B=1200) and big window (W=128), expressed in KByte: 1200 x 128 / 1024 = 150 KByte of unacknowledged data as the fundamental limit to data transfer performance. So with certain latency we have an exact speed limit. No packet loss experiment, no latency emulator. Note what is done on the EVA Python implementation: <IMG src=https://user-images.githubusercontent.com/13798583/138673130-256f80bb-cabf-47e6-b51e-b71cb96f552a.png width=300> Lots of EVA protocol test code is written! Code coverage 70%, but achievement is not claimed within your thesis Citations of Creative Commons link for copyrighted Tim Berners-Lee photo Please do an arXiv.org upload! Is Android CI still working https://github.com/Tribler/kotlin-ipv8/actions/workflows/android.yml

[jwbambacht]

Defence_Presentation v1.pdf Thesis_JW_Bambacht_24_02_22.pdf Paper_24_02_22.pdf

[synctext]

Quick comments on .PPT

• slide with "Problem Description" is scientific terms and with scientific depth.
• You created the first architecture, design, and proof-of-principle of societal infrastructure.
• Change the slides from engineering perspective towards science view: alternative to Big Tech.
• Mention difficult scientific properties of your architecture: permissionless (for instance).
• Slide 7 is industry comparison, not a single scientific reference or footnote "Source: ....Journal of...".

Related work status.IM chat + wallet + Web3 browser. Requires central servers! <IMG src=https://user-images.githubusercontent.com/325224/155966312-1af41786-1f42-40b4-9ef6-03cc7395e80d.png width=150> Related work Sylo chat, video calls, crypto wallet and 'metaverse': <IMG src=https://user-images.githubusercontent.com/325224/155967283-2f914125-92ac-43fc-add3-6bc6241722cb.png width=150> Berty is a messenger that doesn’t require any of your personal data or network connection. their PR: "No Face, No Name, No Number, No SIM card, No Internet"

[synctext]

Thesis complete :clap: :partying_face: :clap: https://repository.tudelft.nl/islandora/object/uuid%3A3ad68dbd-3444-4e01-94a2-d28044b0ba3f "Web3: A Decentralized Societal Infrastructure for Identity, Trust, Money, and Data"

Scientific publication of 19 pages .PDF: Web3: A Decentralized Societal Infrastructure for Identity, Trust, Money, and Data