• Forum has been upgraded, all links, images, etc are as they were. Please see Official Announcements for more information

02 Decentralised Decision Making: What Are Dash's Core Values?

Case in point: I have just noticed that there is a poll posted at DashCentral https://www.dashcentral.org/p/poll-immediate-independent-security-audi

Fact: The concept sat there, pre-proposal, with almost no comments because MNOs don't bother to look. Dash Nexus was paid for from the treasury, you'd think MNOs might actually take the time without being directed from somewhere else. And as for time to debate, be my guest because I intentionally posted near the beginning of the cycle. Plenty of time to debate though I suspect it will be, yet again, fruitless.

Both Dash Core and Dash Platform are increasingly diverging from the bitcoin code, which itself is not foolproof. More so, Dash Platform is using third party tools that add significant attack surface to take down the entire masternode network. Blame "ambiguity" all you like and vote No, but perhaps I will have the last laugh if it's rejected and then Dash Platform is hacked. MNOs should prepare their excuses ahead of time.

Before casting a critical eye over my proposal, perhaps you can ask yourself why Dash Core has not commented at all when it so directly affects them?
 
Fact: The concept sat there, pre-proposal, with almost no comments because MNOs don't bother to look. Dash Nexus was paid for from the treasury, you'd think MNOs might actually take the time without being directed from somewhere else. And as for time to debate, be my guest because I intentionally posted near the beginning of the cycle. Plenty of time to debate though I suspect it will be, yet again, fruitless.

To be clear: I am casting a critical eye on how you chose to post your poll. Ironically the manner in which you have posted the poll will have exactly the opposite effect of what you intended. When I saw your proposal it actually looked to me like you were are attempting to let DCG off the hook for accountability by mixing up themes for the vote and posting the poll before sufficient debate occurred on the the themes BEFORE posting the poll. Debate in the poll itself is too late. It needs to be before the poll is posted so that you can see the potential issues with the actual poll wording and timing of the post itself. You can fire back and me all you want. I'm telling you that you did not post this poll in the correct way to get the effect you claim you want.

The two points raised in your poll itself are absolutely worth polling for but the problem is you mixed the two themes of DCG accountability and the security issue with the software. In addition I think the wording itself of the software security part needed to be different. Why? because as you can see from the comment in the poll from DCG quantumexplorer that they have not yet finished or tested the release. Therefore if your point was specifically about security on the Virtual Machine that requires action now then the wording of the polls should have exclusively been focused on that only.


Note however I would still not post this Poll until we received extensive feedback for several months from the community. Having said this this is how I would have worded the poll:

Suggested Poll: Independent Security Audit if DASH should use a Microsoft Virtual Machine For Running Dash Platform?

Wording: This poll is to determine if there should be an immediate investigation into the security issues associated with the Dash Platform being run on a Microsoft virtual machine. Vote YES to signal that there should be an investigation into the Microsoft Virtual machine and its consequences on security for the DASH project. Vote NO for no investigation of security issues with Dash Platform running on a Microsoft Virtual Machine.

Then give the specific reasons why you have concerns about the virtual machine ONLY and absolutely nothing about DCG accountability. DCG accountability should have been in a separate poll. Again, I wish to emphasis even with this wording I would not post the poll until there was several months discussion and debate about it.


Regarding Dash Nexus: I have tried twice previously around 1 year and 6 moths ago to register my masternodes at DashNexus and the nexus system would not accept them. I sent a message to nexus asking for support on this and got no reply. I could not register my MNs. I am CEO of a company. I haven't got all day to setup something that should take a few minutes. I decided to stay with Dashcentral as it is still operational and functional. So in my case it isn't because "I couldn't be bothered" as you label it. I haven't got the time to be faffing around with a service that did not allow me to register twice.

You also have to realise MNOs aren't reading everything in every Dash channel. It isn't I can't be bothered. I don't have the time. On a typical day I wake at 05.30am and work on average until 21:30 - many times to midnight. The main time I have to contribute to DASH is at the weekend. I am not on Discord - because I simply do not have the time to be contributing there. I decided that my main contribution would be on the proposals - for me that is at Dashcentral due to issues I had with Nexus. I also make occasional contributions at the forums with posts like these.

What I expect to see is at least is a pre-proposal is for it to be mentioned in multiple channels at least a few months before it is intended to be posted. This gives everyone an opportunity to actually become aware of the pre-proposal and for feedback to be given before a poll is posted. Discussion of the poll should be done months before the posting. It should be discussed in the Dash Forum as well as at nexus and they should be extensively linked to with text that actually describes what the page is about in a description. If you are on Discord links to both the forum and nexus would be given to the community months before you intend to post officially to make certain people aware of the intended poll. Where is your URL of the pre-discussion in the forum? I don't see a dedicated page on your pre-proposal discussion on the Dash forum - send me the URL. Where it it?

If I post an article on the forum it takes months for the number of views to be registered and for people to notice it. You have to give people enough time.

Before casting a critical eye over my proposal, perhaps you can ask yourself why Dash Core has not commented at all when it so directly affects them?

I have been about the only MNO challenging Dash Core Group on their proposals. I don't remember seeing your contributions @GrandMasterDash in their proposals anywhere near as much as my comments. For well over a year I was asking challenging questions and of the DCG on their proposals to get clarity and more accountability. Very few, if anyone, supported me or my comments. Clarification: When I write DCG in this post I mean specifically DCG management. I, more than anyone, have worked to get DCG management more accountable. This is why I am particularly bothered that you have chosen to post your poll in the manner that you have - significantly lessening the effect that it could have had if it was posted in the right manner.

I challenged DCG on their wanting to spend a million dollars on google ads. I challenged DCG on getting clarity on the actual number of full time employees they have as opposed to part time people. I challenged them on the consistent and repeated missed goals and targets for Evolution release dates. I challenged them on how how they were running Agile process. I challenged them on their connections with Alt36 and the waste of money, time and resources on that project. I challenged them on their costs of office space at 55,000 USD for space they are not even regularly using according to a reliable source that lives in Arizona and have visited their offices multiple times and found them completely empty. So I'd appreciate it if you don't lecture me on challenging DCG! I did more than you ever did on challenging DCG in their proposals and I don't recall seeing your support there. I have now given up on attempting to hold DCG accountable on my own. My comments were mostly ignored by DCG and I got little to know support from other MNOs. That is when I finally realised the problem.


We have to bring large numbers of MNOs together into an aligned way of thinking and form an official association for MNOs if we are to have a chance to effect real change and hold DCG management fully accountable.

You asked "Why are DCG not replying" Answer: Because the poll was poorly and ineffectively posted. It has mixed themes and the timing was not good. There was no buy-in from any MNOs prior to the posting of the poll. Those are the reasons why they are not responding. DCG know that if they stay quiet the poll will be ineffective. DCG management know this because of the following:

1. DCG are currently indispensable to the project and they therefore can do whatever they want and not feel obliged to be accountable to anyone, including MNOs. The DCG idea of accountable is to produce a quarterly report, which they produce and is not open for audit by a 3rd party such as DashWatch. That is not accountability.

2. DCG know that if a single MNO, like you for example, decide to post a poll on their own, without the buy in and support of other MNOs in advance, they can comfortably ignore it. There is simply not enough MNOs working together supporting each other to make DCG accountable.

MNOs holding DCG accountable on their own is going to fail because it is just one or two voices. However MNOs forming an association and working together a bit like a union we will have a much greater powerful voice and much more power to hold DCG accountable. That is one of the reasons I 've started posting in the forum my posts on Governance we need to bring MNOs together to have a stronger voice.

I have posted a new post on how to solve the problem of MNOs working individual. I am proposing we setup The Dash Masternode Association to strengthen our voices. See the following post:

https://www.dash.org/forum/threads/...aking-the-dash-masternodes-association.50390/

Everyone has their strengths and weaknesses. Clearly your strength is with the technical understanding. My strengths are primarily in business and knowing what works to get a message across.

This issue of ineffective poll posting is another reason why I made the post on the importance of us developing a Dash Decentralisation Charter (DDC) which formalises policies such as how to effectively post a poll. See this posting for more information:

Dash Decentralisation Charter
https://www.dash.org/forum/threads/...centralisation-charter-ddc.50379/#post-222473
 
Last edited:
@DeepBlue MNOs will vote however they choose, I'm beyond caring. When I state facts, people here don't like them. That concept was sitting there well before it became a proposal and people should be asking themselves, why did no one at DCG themselves ever respond to it? - even when the proposal went live, nothing. No one has to take my word for it, just ask Dash Nexus to release the relevant logs, I give permission.

As for ambiguity, read it as you please, it's not that hard to figure out what it's saying and it's not that hard for DCG to put their hand up and say, "you know what, maybe we should have an independent review". It doesn't REQUIRE a proposal to uphold security ffs. The fact is, the dash code base has diverged a lot from the bitcoin code base, and Dash Platform itself is a major departure using third party tools that could compromise dash's security. Instead of nitpicking over this proposal, how about people start asking DCG directly? How about DCG respond to the issues at hand instead of remaining silent?

Every day, hundreds of millions of dollars of dash are traded, that's a responsibility that needs to be taken seriously with or without a proposal. But let the proposal fail, let's not ask hard questions of DCG and let's just hope that dash platform doesn't get hacked. For my piece of mind, I'll be posting more proposals and asking more questions, and for every fail I will be selling dash. Rest assured, if dash gets hacked, I'll be back to remind everyone how it could possibly happen.
 
I agree with DeepBlue on two points :

* you mixed the two themes of DCG accountability and the security issue with the software (which are two separate topics, that people could have different opinions about).
* you were lacking in the pre-proposal discussion phase, where above point could and should have been corrected. I find it strange that nobody mentioned this in that closed concepts thread of yours.

I also find it strange that when Dash Nexus apparently closes a concepts thread, it disappears completely. Not only from the concepts section but also from your posting history on Dash Nexus.
Why did your concepts thread get closed, but other threads of yours in the concepts section are still open and visible there ? It is just weird.
 
Last edited:
I agree with DeepBlue on two points :

* you mixed the two themes of DCG accountability and the security issue with the software (which are two separate topics, that people could have different opinions about).
* you were lacking in the pre-proposal discussion phase, where above point could and should have been corrected. I find it strange that nobody mentioned this in that closed concepts thread of yours.
Agree. Post pre-proposals here to the forum. It should always be required. MNOs should reject any proposal that doesn't do so. @GrandMasterDash It's clear you want to see some accountability and transparency. So do I. Incentives matter. What changes would you make to attract good MNOs, who will make sure only good proposals pass, hold them accountable, and maintain transparency? This is not a tech question, it is an economic question.

I also find it strange that when Dash Nexus apparently closes a concepts thread, it disappears completely. Not only from the concepts section but also from your posting history on Dash Nexus.
Why did your concepts thread get closed, but other threads of yours are still visible there ? It is just weird.

I don't use dash nexus, but doesn't that seem suspicious? Does that not seem like censorship? Hasn't the network paid a fairly significant sum to the dash nexus team over time? Has anyone calculated how much in USD equivalent they have received since inception? I feel the ROI on that project is abysmal. Dashcentral has been quietly working since day 1 with only donations.

But MNOs love spending that free money! Nine yes votes out of ten is an intentional action to flush your own money down the toilet.
 
I agree with DeepBlue on two points :

* you mixed the two themes of DCG accountability and the security issue with the software (which are two separate topics, that people could have different opinions about).
* you were lacking in the pre-proposal discussion phase, where above point could and should have been corrected. I find it strange that nobody mentioned this in that closed concepts thread of yours.

I also find it strange that when Dash Nexus apparently closes a concepts thread, it disappears completely. Not only from the concepts section but also from your posting history on Dash Nexus.
Why did your concepts thread get closed, but other threads of yours in the concepts section are still open and visible there ? It is just weird.

You keep saying the proposal is mixed when it's not. There is significant divergence from the bitcoin codebase that has never been formally and independently reviewed, and Dash Platform is completely new code using third party tools that may pose security risks for dash as a whole. If you disagree with either of these "mixed" messages then you should vote No. Errors in code are errors in code, regardless of where they are. Exactly as the graphic for the proposal says, "Dash is as strong as the weakest link". People should vote No if they don't want to find the weakest link(s).

More so, I have no idea why anyone would fight so hard to say No over something so fundamentally important. I mean, we don't mind handing over 60% of the treasury to DCG and we don't mind discussing the economics of doubling their funding over the next five years. But to have a credible and independent report that extols the wonders of Dash Core's security, oh no, couldn't possibly vote for that, it might just give dash too much credibility, couldn't possibly be worthy of that.

As for Dash Nexus; concepts are converted to proposals, AFAIK they don't remain as concepts. You create a proposal and then when you're ready you change the last part of the url from "/overview" to "/submission".
 
@DeepBlue I think the diversity of opinion and expertise among MNOs is too large for us to agree on what dash values should be. Instead, we can form a living document based on the outcome of previous proposals. For example, there was a winning proposal that said transaction fees should remain under one cent.. that would translate to, "Dash is committed to low transaction fees for it's end users, as laid out in proposals X, Y and Z".
 
You keep saying the proposal is mixed when it's not. There is significant divergence from the bitcoin codebase that has never been formally and independently reviewed, and Dash Platform is completely new code using third party tools that may pose security risks for dash as a whole.

Problem is not the Dash Core Wallet codebase review in combination with the Dash Platform code base review, you are also talking about Dash Core Group needing to be audited through an independent auditor like Dash Watch.
And you brought that into this poll when you stated that like this :

''independent security audit and code review of both Dash Core and Dash Platform''
Which you later clarified even more by stating in a comment : ''Dash Core Group has repeatedly excluded themselves from Dash Watch reports and has, to my knowledge, never contracted an independent review.''

Which makes this much more then just a security audit and code review for Dash Platform and the Dash Core code base.
You actually want both a security audit and code review on Dash Platform and the Dash Core codebase & you want a budget / security audit on Dash Core Group.
That is a no go in a single poll. It is either the first or the last, not both.
 
Last edited:
Problem is not the Dash Core Wallet codebase review in combination with the Dash Platform code base review, you are also talking about Dash Core Group needing to be audited through an independent auditor like Dash Watch.
And you brought that into this poll when you stated that like this :

''independent security audit and code review of both Dash Core and Dash Platform''
Which you later clarified even more by stating in a comment : ''Dash Core Group has repeatedly excluded themselves from Dash Watch reports and has, to my knowledge, never contracted an independent review.''

Which makes this much more then just a security audit and code review for Dash Platform and the Dash Core code base.
You actually want both a security audit and code review on Dash Platform and the Dash Core codebase & you want a budget / security audit on Dash Core Group.
That is a no go in a single poll. It is either the first or the last, not both.

"you" "you" "you", what is wrong with you? It's not about me, the proposal doesn't mention Dash Watch, you're either twisting things out of context or challenging one thing while ignoring others.

You have voted No so what does it matter now? Going to change your mind? - no, I didn't think so. This proposal is about the security of the dash masternode network, which I assume you care nothing of, for if you did, you would submit your own proposal, which of course will be so much better and clearer than mine, right? So stop wasting my time and do as you please. I would say the pleasure will be mine to see your response if the masternode network is ever compromised, but I suspect you'll still deny and have excuses to how exceptional it might of happened. It's really hard to fathom how you might sit there and go to such lengths to defend DCG from a security audit unless you know something that I don't. If you think bug bounties and testing is the only thing needed then you're wrong, plain and simple.
 
"you" "you" "you", what is wrong with you? It's not about me, the proposal doesn't mention Dash Watch, you're either twisting things out of context or challenging one thing while ignoring others.

Your proposal originally did mention Dash Core Group not being accountable to Dash Watch reports. However that text has now been edited out from your proposal wording.

However, even with the edited description, I am still unable to agree with your proposal the way it is worded because of the factors explained below. I am showing you how it I believe it needs to be worded so that MNOs would be able to vote positively for it. As I've already stated previously in my messages I think there is value in a poll addressing these issues. However, the way it is worded now I could not agree to it because of other requests which it is asking for which would not be beneficial.

1. Below is a copy and paste of your exact text for the heading for the poll as taken on 06th July 2020. I am copying the text exactly as written so that if it is edited after I post this comment we can refer back to this text.
"Poll: Immediate Independent Security Audit and Code Review"

I will break down your request into parts and show the issues I have with what you are requesting. The above requests the following things:

1. Immediate Review: The audit be undertaken immediately i.e as soon as the poll is completed (if it was presumed successful poll)
2. Independent Audit: An independent audit i.e. an external body separate from DCG that has sufficient expertise in both the programming technologies used by DASH and to have experience in undertaking the security audit on the code with respect specifically to potential security issues.
3. Code Review: An Audit on Security and a Code Review. I presume you mean a Code Review with specific regard to the security only? or do you mean a code review for Security and other issues such as bugs which may not have a security issue?

In addition to the above you have this sentence in the description of the poll which, again I will copy and paste directly from your poll proposal from Dash Nexus at 06th July 2020

4. Exact text from your poll copy and pasted: " I therefore call for the release of Dash Platform to be pushed back until we have initiated an independent security audit and code review of both Dash Core and Dash Platform."

I will take each point in turn.

1.. Immediate review: I do not agree with an immediate audit. If there was a code review to be undertaken it should be when the code is completed and ready to be finally released. To do an immediate review i.e. before the code is even been tested, bug fixed and tested internally by DCG would be a waste of time and money because there will be bugs and issues that DCG themselves will find and fix. My view is that an independent code review for security issues should be undertaken after DCG has completed their own testing and bug fixing on the code and before the final code is released. If we did as you requested we would waste money doing a code review now and then having to do another code review after DCG have completed their own development and bug fixing. This is illogical. Code review should be done AFTER the code is completed and ready to be released.

2. Independent audit: I agree with this. However we would also need time to find a reputable organization that has substantial experience and knowledge of undertaking a detailed code review and also understand Blockchain technology. This would also require time and a separate budget therefore this could not be undertaken immediately.

3. Code Review: I agree with this specifically with regards to security of the code . There are many types of Bugs and to do a complete audit on all bug types e.g. GUI bugs, formatting bugs, etc would be a huge undertaking. Therefore the code review should be specifically focused on finding Security Bugs and potential Security issues with the overall architecture.

4. Independent security audit and code review of both Dash Core and Dash Platform." This needs to be reworded. You are asking for an audit on Dash Core and Dash Platform. When you refer to "Dash Core" what exactly do you mean? Do you mean Dash Core Code or do you mean Dash Core Group? It it is Dash Core Code you need to state Dash Core Code.

Previously, you also stated you want an audit on Dash Core Group, and you mentioned they were not held accountable to Dash Watch - I notice that this text has now been removed from your poll description. However that means that MNOs may have previously voted for the audit on Dash Core Group but didn't want to pay for an independent Audit on the code. This therefore invalidates the poll.


If MNOs want a poll to be successful it is essential to wait sufficient time for community feedback on the poll. @GrandMasterDash did not leave sufficient time for feedback on the proposed poll wording and goals and in addition did not post the proposed poll at the Dash forum. This means we have now got a potentially valuable poll, that could have been very helpful and could have passed, with a poll that has caused MNOs to not vote for it because it is not requesting what the majority of MNOs actually want.


"you" "you" "you", what is wrong with you? It's not about me, the proposal doesn't mention Dash Watch, you're either twisting things out of context or challenging one thing while ignoring others.

You have voted No so what does it matter now? Going to change your mind? - no, I didn't think so. This proposal is about the security of the dash masternode network, which I assume you care nothing of, for if you did, you would submit your own proposal, which of course will be so much better and clearer than mine, right? So stop wasting my time and do as you please. I would say the pleasure will be mine to see your response if the masternode network is ever compromised, but I suspect you'll still deny and have excuses to how exceptional it might of happened. It's really hard to fathom how you might sit there and go to such lengths to defend DCG from a security audit unless you know something that I don't. If you think bug bounties and testing is the only thing needed then you're wrong, plain and simple.


@GrandMasterDash Nobody is saying they don't want DCG accountable. State specifically where I, or any other MNO said they don't want accountability from DCG? What myself, @qwizzie and @forro are saying is that what you have actually requested in your poll, using the words you have used, is not something that MNOs are likely to vote for.

I would vote YES for an independent security audit to be taken before the code is about to be released, but not now, before DCG have actually finished the code. DCG should finish the code and bug test the code first along with any other bug finding, then, and only then, we undertake an independent 3rd party security audit on the code and architecture of the code.

I would vote YES for the MNO network to agree that DCG must have their quarterly reports audited from DashWatch or a 3rd party accountancy firm who are overseen by DashWatch. However, note, that this would also cost extra budget money because the audit would be substantial. However if we had a 3rd party financial audit on DCG accounting then the network would have reasonable financial accountability from DCG.

However, as I've said before. The exact wording of both of the suggested polls above would have to be discussed thoroughly and agreed on before the polls are published to ensure the poll objectives are clear and get a general feel of what the network thinks about the polls.


Lesson from this : MNOs need to post the proposed poll text exactly as it is intended to be posted several months in advance on multiple channels including the Dash Forum and wait for the feedback before posting the poll officially.
 
Last edited:
@DeepBlue I didn't bother to read beyond the first few lines. I'm not interested in yours or anyone elses nitpicking. Submit your own proposal, put up or shut up.

I have not edited this proposal, please provide evidence. There may of been a few type corrections during the Concept stage (unsure) and that's all. I have repeatedly stated, I give permission for Dash Nexus to release all relevant logs. There has been no intention on my part to lie or mislead people, any suggestion of this kind should be regarded as a personal attack in order to derail the proposal. If anyone is in doubt of my intention they should vote No.

Frankly, the efforts you and others are going to, to derail this proposal is disgusting. So far, DCG has made zero contributions to this proposal and discussion; apparently, my 5 dash isn't worthy enough. Why you don't spend your time writing long posts to them, or am I just an easier target?

But yeah, it is telling that DCG have excluded themselves from Dash Watch, and it is telling that Dash's senior staff and directors have refused to take a lie detector test. Now, it seems, an independent security audit is also out of the question. You was looking for "core values", well ACCOUNTABILITY might be important.
 
Problem is not the Dash Core Wallet codebase review in combination with the Dash Platform code base review, you are also talking about Dash Core Group needing to be audited through an independent auditor like Dash Watch.
And you brought that into this poll when you stated that like this :

''independent security audit and code review of both Dash Core and Dash Platform''
Which you later clarified even more by stating in a comment : ''Dash Core Group has repeatedly excluded themselves from Dash Watch reports and has, to my knowledge, never contracted an independent review.''

Which makes this much more then just a security audit and code review for Dash Platform and the Dash Core code base.
You actually want both a security audit and code review on Dash Platform and the Dash Core codebase & you want a budget / security audit on Dash Core Group.
That is a no go in a single poll. It is either the first or the last, not both.


Despite your efforts to obfuscate things, the question is clear:

https://app.dashnexus.org/proposals...ndent-security-audit-and-code-review/overview

"By voting Yes on this proposal, you are signalling to Dash Core that an independent audit should be initiated."

Obviously, the agents who control Dash since the beginning, do not want an independent security audit.

This is a message to all the agents who sabotage Dash. We are watching you!
https://beta.dashwatch.org/
https://mnowatch.org/
 
Last edited:
It boggles my mind. You'd think a company working within blockchain, cryptography and finance would automatically decide for themselves that perhaps a fresh set of eyes, an independent security audit, might be beneficial. Professionals in the IT space - and especially this space - know that bug bounties and testing is just one element of security. They're not stupid, I mean, why must it take a proposal to take such action? - can they not make such decisions off their own fruition?
 
It boggles my mind that people these days can just create polls with such a demanding undertone, while not having collected any substantial (and visible to the public) pre-proposal feedback of the community
and giving little attention to the specifics of the poll itself. This is not the first polling proposal with this problem and i am sure it will also not be the last.
Must be the low Dash price causing it. Or impatience. Or both.
 
Last edited:
It boggles my mind that people these days can just create polls with such a demanding undertone, while not having collected any substantial (and visible to the public) pre-proposal feedback of the community
and giving little attention to the specifics of the poll itself. This is not the first polling proposal with this problem and i am sure it will also not be the last.
Must be the low Dash price causing it. Or impatience. Or both.

The inventor of an object can not dictate how it will be used, for the people will decide regardless of the inventor's wish. The harnessing of nuclear fission was not to build bombs that will exterminate all mankind.. but it's possible.

By all means, put in a proposal to raise the proposal fee.
 
@DeepBlue I didn't bother to read beyond the first few lines. I'm not interested in yours or anyone elses nitpicking. Submit your own proposal, put up or shut up.

The feeling is mutual. It is clear to me that you don't want to listen to others, even when they are providing you will constructive feedback. Then you complain that MNOs "couldn't be bothered" as you put it.

I don't have time for people who don't want to listen, have a closed mind, and take things all too personally when the feedback was aimed at helping the poll to get voted through.

It's clear you want to act on your own within a decentralised environment. Feel free to do as you want in your world. However this is a DAO we make decisions based on consensus and through collaboration. I took the time to give you feedback to help your poll go through but I can see now I'm wasting my time trying to assist. My feedback is shit, irrelevant and nitpicking and designed to make your poll fail of course. Wake up man, we are on the same side! We are trying to support you!

The poll won't get the votes unless you reword it. You cannot see that we are supporting you because you don't want to listen and you seem to believe I, and other MNOs, providing constructive feedback on your poll are against you in some way.

You, you, you there is no place for this type of behaviour in a decentralised organisation. Good luck with your poll.
 
Last edited:
Obviously, the agents who control Dash since the beginning, do not want an independent security audit.

Well I can assure you I don't control DASH, and I've said several times in my posts above ( please read my posts) I actually do want a security audit for the source code. I just don't want it immediately because the code is not ready yet. Doing a code review before the code is actually ready is a complete waste of time and money because bugs and issues will be found before it is ready to be released. This is not nitpicking as @GrandMasterDash is claiming. It is a fact. We should do an independent code review when the code is ready and fully bug checked and ready for a code review.

Why are people asking for an immediate security code review on incomplete code that is not even ready to be released? Someone explain the logic of that when the code is not ready?

Even if we did do a code review immediately, as the poll owner is requesting, we would still have to do another code review again when it's ready to be released. That is why it is a waste of time and money to do it immediately as the poll owner is requesting. But @GrandMasterDash does not want to listen to these comments and the comments of others that are saying the same thing.

I've made comments that would have helped the poll to go through but these comments are falling on dead ears as "nitpicking". Instead of taking our feedback constructively, to assist the poll to go through, @GrandMasterDash appears to have taken it all personally and is interpreted the constructive feedback as an attack on him personally, or nitpicking or whatever. Sorry he has to take it that way. It is clear he has his mind made up about everyone's motive that is trying to help the poll to go through. He is not open to constructive comments to help his poll go through. So all I can say is Good Luck GrandMasterDash with your poll!

Oh, and if DASH gets hacked because this poll does not go through @GrandMasterDash is responsible because you did not post an effective poll that could have been voted through.
 
Last edited:
Why are people asking for an immediate security code review on incomplete code that is not even ready to be released?

There's a lot of new code already running on the mainnet masternode network. Usernames and the DAPI are a part of Dash Platform, on evonet and scheduled for mainnet this year. Most, if not all the DIPs are complete, the blueprints from which Dash Platform is built. Dash Platform will go live using third party tools outside of Dash Core's control. The Microsoft virtual machine / JIT compiler was instigated when Dash Core realized there was security issues without it, so now this third party machine becomes the new threat i.e. security has been shifted to an external entity. Not your code, not your masternode.

The wording of the proposal is one thing, for sure, not to your standard and didn't receive your royal approval, but the message is clear. Security is everything and it shouldn't require a proposal - written poorly or not - for DCG to act. Formal independent audits are quite normal within this space, and why wouldn't it be when you're dealing with blockchain, cryptography and finance? If you had never seen my proposal, and if DCG had submitted a proposal for an independent audit, would you of voted for it? - I think so. So yes, I'm sorry to say, you're nitpicking.

I don't care if the proposal fails as I have an exit strategy... but fail or not, ridicule or not, I simply hope DCG does the right thing.
 
I read the post, but I didn't read all the comments, so forgive me if this was already discussed there.

How would we "agree" on the core values of Dash in a practical sense?
  • Would somebody propose a list to be voted on by MNOs?
  • Would we assume the normal 10% supermajority constitutes "agreement"?
  • Would we assume that anyone who still maintained an MN after a list was approved "agreed" to the values?
 
How would we "agree" on the core values of Dash in a practical sense?
  • Would somebody propose a list to be voted on by MNOs?
  • Would we assume the normal 10% supermajority constitutes "agreement"?
  • Would we assume that anyone who still maintained an MN after a list was approved "agreed" to the values?

There would need to be a new type of decentralized decision making system developed. This would be a new custom-made voting system for making governance decisions that are not associated with project funding requests. Currently decisions are being made through the Governance centre however this is not really designed for making such decisions - it is more for voting in projects. The new system would be low cost to put forward a suggestion for voting and only MNOs could vote. Since the MNO would need 1000 DASH this would act as a strong barrier to spammers and trolls that are not part of the Dash community. The reason we currently need a relatively high fee of 5 Dash is for putting forward a project or a decision in the current governance system is because anyone can put forward a proposal - including non MNOs.

MNOs could put forward a value for suggestion with their reasoning for that particular value. A discussion would take place on the pros, cons and reasons why this value is/is not important for the network then a vote would take place if the Value would be regarded as a core value and entered into the Dash Decentralization Charter or not.

The new voting system would also be useful for making other governance decisions. If only MNOs were permitted to use the new system then there would be no need to have the 5 Dash payment fee but rather a smaller fee e.g. $10 in Dash which would go towards the upkeep of the decentralized voting system. Therefore to enter a new decision the poster would need to have a MNO (1000 dash) preferably held for at least 3 months or more (this is to prevent the likes of Monero infiltrators spinning up a MNO to attack the system and then sell it off once they have done their damage). It also ensures that the people contributing to the decision making system are long term holders of Dash that have a vested interest in supporting Dash for the long run.

I have spent some time to think through most of the components for this decentralized decision making system as well as how it would operate however at this stage I do not wish to disclose the specific details.

We clearly need a simple, low cost and efficient way to make everyday Governance decisions that are not associated with funding projects. The current governance system is not suitable as we have seen many times previously where it is ambiguous as to how the vote should be made to come to the correct decision. There are many examples of this including the recent decision votes for modifying the Governance system. I was involved in research for many years and one discipline that was drilled in was that you should only change one factor at a time to decide if something will work. To change more than one factor will lead to confusion into determining what the actual outcome was down to not only this it is then unclear what people have actually voted for even if there 2nd stage vote is for determining the budget size. This occurred in the recent vote for changing the governance system. Ryan Taylor's explanation of changing 2 factors at the same time was necessary in the first round of votes does not make much sense or is in fact the explanation Ryan gave is not even a logical one. It is not logical because we don't know exactly what the Dao was voting for and therefore we don't know what the outcome was because 2 factors were changed. Some may have been voting for one thing, the others may be voting for another aspect and others may be voting against both. The correct way to have done the vote would have been to change just one factor and get the decision clear on just one component first with the understanding. Ryan's explanation that people would not have voted if 2 factors were changed simultaneously simply does not make sense because it is confusing as to what people would have actually voted on in the first round.

The new decision voting system I have in mind would be designed to minimise such issues from arising. In that multiple options could all be posted simultaneously. In reality clear decisions are made from deciding between two options and then choosing which option is best. Then taking that option and comparing against another option then making a decision about that. Only one factor should be changed at any one time. Confusion and unclear results will inevitably happen when more than one factor is changed at one time.
 
Back
Top