Is Steem Centrally Controlled?

in #stopthepowerdown5 years ago (edited)

I've been on the Steem blockchain since June 2016. A witness since May 2017 and a consensus witness (off and on for a bit) starting around February 2018. I believe in the potential of Steem to improve human wellbeing and demonstrate to the world how blockchains and cryptocurrencies can be used by everyday people.

During that time, there have been many attempts to raise awareness about the centrally-controlled, non-transparent nature of Steemit, Inc and the real concerns over the governance control their stake has on the security of the network. I've been vocal about problems with Steemit before and was encouraged during 2018 to see real improvements with regular on-chain communication from the Steemit team.

Progress has been made (AppBase, Hivemind, Resource Credits, Account Credits, etc) but many stake-holders have been upset with the amount of Steem being sold by Steemit to support this slow progress. 7 months ago I floated an idea to have witnesses and community members fund our own development so community-supported economics changes could be developed and voted on without needing Steemit, Inc approval or development time. If it worked well, it might also create a pathway for projects like SMTs or RocksDB to be outsourced to move things along faster. The hard costs and falling price of Steem make this quite difficult without Steemit using some of its stake to support it.

The unfortunate truth is few witnesses and stake holders enthusiastically support Ned or Steemit, Inc. You could even say for some there's a growing animosity which has been brewing for years. This is dysfunctional and detrimental to the Steem ecosystem. As an example, one single individual (not a consensus witness) who used to be a contractor with Steemit, Inc posted some code which would involve nulling out the keys for Steemit's account. In the very early stages of this blockchain, there was a situation where many accounts were compromised and the solution at that time was to include in Hard Fork 9 changes to restore property. The witnesses at that time supported the fork in order to protect property rights Edit: see this comment for a more accurate history of how HF9 was deployed.

Fast forward to the present time, and we see a massive power down by the @steemit account. Yesterday, Ned went on air in Discord and when asked about the power down said it was a defensive measure to protect their assets. This is confirmed on chain with this memo right after the Power Down change:

Screen Shot 2019-01-18 at 8.58.20 AM.png

Power Down and memo

Moving STEEM to secure wallets.

Based on Ned's comments and this message, it seems Steemit holds the following position:

Identifiable wallet accounts on the Steem blockchain are not "secure wallets" and are somehow at risk that witnesses might remove access to those funds.

In my opinion as a consensus witness, this is an inaccurate, damaging message which seems to call into question the immutability of DPoS blockchains and the credibility of the token-elected witnesses who are trusted to secure the chain. I'm deeply disappointed this wording was used and this action was taken by Ned and Steemit.

@ned, if this is truly your reason for the power down, I ask you to stop the power down because:

I will not implement, support, or condone any hard fork that effects the balances, keys, or security of any accounts on the current chain.

Doing so is against my personal beliefs about property rights and blockchain immutability. I understand there may be extreme circumstances at some point in the future (such as Hard Fork 9), but I would only act to the best of my ability according to the will of the token holders in protecting property (not removing it).

I share in much of the frustration outlined above towards the initial impressions of how the Steemit stake would be used, how it has been used so far, and the lack of decentralized governance and transparency regarding how Steemit makes decisions which impact the entire Steem community. That frustration does not, in my mind, give me any rights to modify private key access to property.

I'm frankly insulted by the narrative that top 20 witnesses were conspiring "for weeks" to steal the Steemit stake. I've been in conversation with many of the top 20 witnesses this week and this is not accurate. To my knowledge, these discussions caught almost all of us by surprise starting less than 7 days ago.

One person creating a PR does not constitute a real threat to the Steemit stake. If Ned reached out to me or other consensus witnesses, he would know this is not an immediate, credible threat.

In my view, the community wants more financial transparency and decentralized governance for the Steem blockchain and that can only happen if Steemit, Inc, the largest holder of Steem tokens by far which are being used to fund development for this chain and, decides to participate with the community openly and transparently. Moving such a large stake to an exchange where it could potentially be privately redistributed to impact governance is a move towards more secrecy and the opposite direction we want to go.

Ned said on air he encourages forks of Steem. Forks of the code for specific purposes are great and does lead to competition and innovation, but chain forks have the potential to divide us all. I'm hoping instead we all work together because I, like many, have devoted many hours of our lives to seeing this blockchain succeed, and we want to grow the network effect which creates value, not divide it. Though some have left, many of us stayed because we hope something will change.

Please demonstrate you do actually trust in DPoS, the security of Steem, and the witnesses who are elected by the token holders to represent their will in protecting property on chain by stopping this power down. Come together with witnesses and the community and show your commitment to more decentralization by helping us create a new model for how Steem and Steemit development is done going forward.

A thriving, healthy blockchain should not be impacted so much by a single individual. This is a problem. Right now, only Ned can fix it. If he decides to work with witnesses and further decentralize the control of Steem's future, we have a path forward. If instead, he continues distrusting us, not reaching out effectively to us, and making decisions entirely on his own then we will be left with a centrally-controlled blockchain which very few serious witnesses and blockchain application developers are interested in supporting long-term.

If this message resonates with you, and you are concerned about the future of Steem and what Steemit's massive stake moving to an untraceable format could mean for Steem governance, please share this message or write your own using the #stopthepowerdown tag.

This is the moment when we find out if Steem is centrally controlled.


Thanks for being reasonable ;)

For completion:
The changes in HF9 restored users' access to their stolen accounts (there was no recovery functionality before, that was introduced later as a reaction to what happened). It didn't nullify anyone, and stinc reimbursed affected users from their own stake.

Not correct. The changes in HF9 literally reset all the keys of the suspected compromised accounts (which is why johan's fork was nearly a clone of it).

In fact, this was done using a crude filter (all accounts with key changes in a certain time window) and I'm pretty sure that some non-compromised accounts were also reset (I was at risk of having some of my own accounts reset which would have resulted in significant financial losses to and raised this objection at the time, although as it turned out, luckily, my accounts were not within the window).

Steemit deemed this an acceptable cost for what they wanted to accomplish, and forced the fork through without non-Steemit witness approval, which I'm pretty sure had a lot to do with getting their own accounts back after they were compromised (since they were irresponsible in not using a posting key to access the website with their own enormous-stake accounts)

Only later was the "account recovery" feature added, which implemented a model that served Steemit's purposes but still likely would have resulted in substantial losses to me (were my key changes not fortunate enough to be outside the window by sheer luck).

IMO the view of "property rights" that Steemit is invoking is selectively self-serving at best, and also doesn't reflect an accurate view of how forks work anyway.

How does my statement contradict that? The keys were reset with the goal to restore access for the rightful owners, opposed to completely blocking access which is what was suggested in the recent discussion.

Probably users were lucky that stinc was affected too, yes. Still, it was not about locking someone out of their own account.

Okay, now I see how i worded that wrongly. My focus was more on the intentions than on the actual HF code. Technically keys had to be reset to restore access. They were not nullified to keep the owner out though, resetting them was just the first step of the process and not the end goal.

Intentions are frankly invisible and unknowable.

IMO (though still not knowable) the primary intention of the whole ordeal was restoring Ned and Dan's accounts after they lost them by being extremely irresponsible. The primary cause of the loss was not a bug, as such (broad category of) bugs were entirely foreseen and even expected, and may well happen again even now. It was irresponsibility on the part of Dan and Ned. All of us at the time, including you, were well aware of the importance of using a posting key to access the web site with large accounts, and not an owner key.

The 'property rights' of those who were not irresponsible and stood to lose (and probably in some cases did lose) as a result of their actions were considered less important by an unaccountable central party who decided thus unilaterally and without even giving witnesses as chance to balance the competing interests. That sort of unilateral authority and action (which still exists) is a bigger existential threat to the blockchain than a broken web site leaking keys which never should have been put in the web site in the first place.

You don't see working to restore suspected compromised accounts an act of protecting property rights? As I said in my post, I wasn't a witness at the time and yes, I know Steemit was using their stake to vote for witnesses prior to HF17 which is why this stake issue is such a big deal to begin with. If they do full power downs and remove the connection between their stake and Steemit, Inc the company, then we'll back where we started with Steemit, Inc actively controlling witnesses directly.

I understand how hard it is to bootstrap effective governance models (been working on it since April with eosDAC), so I can understand some early decisions needed to protect the ecosystem (and, as you said their own accounts). I agree, they were stupid to not be using posting keys.

You don't see working to restore suspected compromised accounts an act of protecting property rights?

Protecting some property rights by compromising others, where the central authority gets to decide which take precedence over others? Not really sure I am sold on that vision of 'property rights', in fact I'm pretty sure I am not sold on it.

As I said in my post, I wasn't a witness at the time and yes, I know Steemit was using their stake to vote for witnesses prior to HF17

No, that is a different matter. Some Steemit employees were voting, including (but I believe not entirely) with stake that was vested from the ninja-mine.

In the case of HF9, it was the literal steemit account which immediately and without warning or discussion voted out all witnesses and pushed through the fork which reset keys on a wide swath of accounts, some compromised, some not. The witness discussion on the topic was literally "What's going on?" There is no way that you can say witnesses supported it, because there was no discussion or voting.

As I stated, there was a very real risk that I and others could have had our property lost and that only didn't happen due to luck (in my case a difference of a few hours). Steemit unilaterally decided that their own 'property rights' (really a misnomer when viewed through the lens of being the subject of one party's arbitrary decision) were more important than mine and others'.

Thank you for clarifying the history of what actually happened. Based on what you said, this line in my post is not accurate:

The witnesses at that time supported the fork in order to protect property rights (at least, that's my impression, I wasn't a witness at the time).

I'll edit it. Thank you as always for spending the time to clarify things for accuracy.

The whole reason there was a discussion about changing the number of witness votes was to close the loophole where Steemit Inc could (again) elect the required number of witnesses for consensus, wasn't it?

No, it was due to an exploit where someone could vote in 10000 backup witnesses and get a disproportionate share of the backup rewards.

Thanks for the clarification. :)

I forgot to change my settings to decline payment on this post so any proceeds from this post will be reserved for a future, decentralized pool for Steem development if such a pool is ever created.

Other witnesses and concerned members of the community are posting similar #stopthepowerdown posts, but some added the tag later so they don't show up correctly on Steemit when viewing that tag. I'll link to them here so you can find them easily:

Sweet! Gotta start somewhere. I will have some STEEM liquid soon. I am gonna send it to you to help build up the dev fund you are starting. This is the stuff I would love to see more of.

@justinashby Please hold off on sending me funds at this time. I'm not committing to this responsibility yet, so I'd have to send the funds back to you. I do think this would be a great thing to accomplish, but it would not be done via one individual's account.

Your support for the idea is very encouraging though! Thank you!

Speaking plainly..

I vote you as witness for various reasons. You have been a straight up MF from the start and have integrity about your goals.

I will hold off on sending funds. Please let us know when your dev fund is going live. I totally am 110% behind this idea.

Vote @lukestokes.mhth for witness, I do.

This is a great message for not only Steemit to see but the community as it demonstrates the importance of having our witness votes used to those that govern in our best interest like this message implies. Change is happening and the community is becoming more active is selecting witness since Hard Fork 20 which is encouraging to see as our stakes are our power to make change happen. Thanks for the effort!

Posted using Partiko iOS

While the sentiment in this post is admirable, one has to wonder why it took a week to come out and say you would never support something like hardforking out Steemit, Incs stake. This should have been immediately and categorically rejected. My understanding is several top witnesses actually debated this, and did so for more than a full day. When enough eyes see top witnesses seriously discussing merits and disadvantages of something that should have been categorically rejected, yeah it undermines confidence in security of the blockchain and in the capacity of top witnesses to set aside animosity toward Stinc for long enough to get heads out of asses. I don't blame Stinc at all for moving funds off platform.

I can't speak for others, but I was asked to be part of a committee this week which had members discussing these issues directly with Ned. Those discussions were not very fruitful (IMO). Our hope was to deal with this directly with Ned and ask for the power down to stop before it became a larger issue. As a member of that committee (I was voted in and didn't even really sign up to be on it), I agreed to the terms of the committee which was to keep things private as the discussions were on going. I'm a fan of radical transparency, so it was not my favorite thing to do, but I accepted it for the good of Steem. More information about those discussions will come out, I'm sure.

This powering down and selling of Steem via the Steemit accounts have been going on for at least a year. Why are you calling out for the power down to stop now? Why do you think it really has to do with the recent PR move?

This power down and selling of Steem is how Steemit Inc. has been making money all along.

It's the amount of power down that concerns people and how it was done in a defensive way as a demonstration of lack of trust of the witnesses. Going back to their original power down would at least be a step in the right direction. The reason this power down is gaining so much attention is the size and intention of it.

Think of the upside. Steemit Inc.'s share made the blockchain much more centralized. If they remove their stake, then that will make the blockchain not controlled to such a large degree by a single player.

That is actually a positive.

They could just move funds to the exchange, then to move it back to a set of anonymous accounts.
That makes the chain still controlled by a single player, but anonymously

It won't be anonymous, We are watching :)

Unless "you" are FBI I don't know why @bittrex would let you look into their books )

Why should it be categorically rejected?

I'm not saying it should be accepted or declined, but why? Especially "immediately". Shouldn't all such ideas be thought over for their merits and disadvantages?

Let's put it this way. If it takes you longer than it takes to read the words "proposed hardfork to remove stake from Steemit, Inc controlled accounts" to categorically reject same, you shouldn't be a top witness on Steem blockchain. It is that simple, and clear.

You can debate to what extent top witnesses should provide leadership for the blockchain, but you can't debate this one. Top witnesses have basically one job, which is maintaining security/integrity of the blockchain as the primary block producers. This proposal by definition goes against that primary mission. There isn't anything to think over for its merits.

They have that one job under the guidelines of Steemit. But nobody said those guidelines are "good."

I think it still doesn't explain why it's a bad idea. I think there are multiple reasons why it's bad, but I disagree it is so "obvious". I do think it has merits. And discussing those merits can then lead you to find a solution having those, without the downsides.

P.S. Saying "it is that simple and clear," or "everyone knows", etc. is demagoguery. It's not actually addressing the issue, but painting, "If you disagree, you're not one of us" or "If you disagree, you are irrational," which is a subtle way of making ad hominems. I am not saying this just to you, but I've discussed this in the past regarding rhetoric in academic circumstances, so I'd like to point it out. It's bad form to argue in this manner.

100% agree... well spoken.

I wrote this little number.

It's a bit more angry and hostile than is ideal but I make some of the same points. We deserve transparency.

In my opinion, @ned made the weakest possible move by responding to this empty threat the way he did; very little communication with a 34 million coin powerdown. It's simply just not appropriate.

Hopefully we change his mind, or perhaps 34M coins won't be powered down... he just picked a high number so 2.6M coins will be released every week and he will stop the powerdown in a few weeks. One can hope.


For your statement, I decided to use my one witness spot for you! All witnesses who against such thievery will be a witness of mine!


If Steemit Inc powers down, doesn't that action effectively DECREASE the centralization of the Steem blockchain?

Powering down alone is fine. The stated intention of moving such a large stake to exchanges which could easily be moved back to opaque accounts and used to control the network is what should concern us all. We're going for more transparency on how Steemit intends to use that massive, centralized stake, not less. If they were to power down and dump on the market, that would have a direct impact on all the value we enjoy as well, which, I think, concerns many also, especially if they believed that stake would be used to fund future Steem and Steemit development.

The witnesses at that time supported the fork (HF9) in order to protect property rights (at least, that's my impression, I wasn't a witness at the time).

Not the case. The fork was pushed through by steemit replacing all witnesses using their stake. This is recorded on the blockchain and not that hard to find because the steemit account history is fairly short.

Witnesses were not allowed the option to support it or not support it.

I replied to your comment here as well.

I was describing the intention of the fork, not the mechanism for how it was deployed. This highlights exactly why a central organization holding so much stake and using it to control witnesses is not what we want going forward.

Replied elsewhere. Certainly agree that a central unaccountable entity holding so much stake and using it to control witnesses is not what we want. I would go farther and say that it constitutes an existential threat.

I second this.

CC @ned & @steemit

Posted using Partiko iOS

Hi Luke

I share much of your frustration with regards to the memo text. As you mention ' secure wallets' had me questioning what was meant by this exactly. E.g. Are Steem wallets not secure?

Well I'm pretty confident that 'yes' is the answer, but the wording used did cloud thinking somewhat.

I also cannot understand the link between 'stickiness' and homepages - unless the page is so confusing that you are stuck on it wondering where to head next.

In the talk at the beginning of the week, I heard @fyrstikken mention that there had been discussions last month regarding nulling Steemit's account, and so went to have a look around:

The post is just over a month old. There are a couple of names mentioned, but the scale of the 'talk' is unknown. From what Ned said last night, he seemed upset that this wasn't brought to him by Witnesses. My guess is that, like you, not many knew of whatever discussions were being held and so couldn't report anything.

Glad to hear you are very much against anything of the sort.

I share much of your frustration with regards to the memo text. As you mention ' secure wallets' had me questioning what was meant by this exactly. E.g. Are Steem wallets not secure?

What that obviously means is anonymous wallets. An unfortunate side effect of this shit show was the pulling of delegations from Musing and DSound.

Coin Marketplace

STEEM 0.25
TRX 0.14
JST 0.035
BTC 51059.64
ETH 2892.01
USDT 1.00
SBD 4.16