Hey everyone, it's @anarcho-andrei of the @noblewitness team. I wanted to take a minute to discuss the subject of a conversation I had on Steemit a week ago.
The particular conversation centered around what to do about bidbots. I'm sure by now everyone's familiar with what they are, but for those you who aren't: bidbots are automated voting services that allow you to place bids for the strength of the upvote. You're competing with other users for a big vote, essentially. Many have upper and lower bounds for bid amounts, and at this point, you can view their expected return on investment (ROI) using services like steembottracker.com. While they sprouted up and grew as a response to the desire for promotion, the consensus on Steemit is they are a way of gaming the system. Those with Steem/SBD to spend boost up their posts, reap the rewards, and then do it again to keep growing their accounts. Those without Steem/SBD to spend get lost in the noise of everyone else's posts.
I'm not going to delve into the ethical implications of bots here. What the conversation I had really turned on is what to do about them. The user I was speaking to suggested banning bidbots. In order to understand why this solution is unworkable, you have to understand a little bit about how accounts are created, and the relationship of Steemit to the steem blockchain.
Accounts and Wallets
While it can sometimes be easy to forget this, especially if you haven't delved into how the system works, accounts on Steemit are actually wallets on the steem blockchain. For those of you unfamiliar with what wallets are: wallets are address on the blockchain where transactions either go to or come from. They're...exactly what they sound like, actually. On the steem blockchain, your wallet address is your user name. One of the strengths of the blockchain is this simplicity of addresses in fact. Instead of having to copy and past a long string of letters and numbers, you send to or receive from a name.
Every user name is a wallet address. As I'm sure everyone has seen, it is uncomfortably easy to hack a central database and gain access to user accounts. The crypto world saw this with Mt. Gox in 2014 with the staggering loss of 850,000 Bitcoins. The way the steem blockchain avoids this problem is by not being centralized. There is no central database of account keys and user information that could be exploited in order to gain access to accounts.
On account creation, a set of keys are randomly generated and assigned to the user name. The blockchain does not log these keys, Steemit, Inc. does not retain the keys, and the only person that has access to them is the user who created the account. Thus, the only way for someone to access a user account is by having the unique access keys to the account. The blockchain is designed this way specifically to avoid this kind of vulnerability.
Blockchain vs. Steemit
Steemit, along with other sites like Dlive, Busy, and DTube, are all interfaces that allow you to use the blockchain. Every time you vote, you're using your wallet to send a transaction on the blockchain. Rather than displaying these transactions as lines of text in a command console, these user interfaces organize the information into recognizable forms. Using your SP to allocate a portion of the reward pool to a post is an upvote button. The myriad of posts on the blockchain are divided up by tags and into categories on a web page. However, it must be stressed that the web page is just a way to display the information. It isn't the repository of that information.
You could very easily create a website that pulls only particular data from the blockchain. For example, you could make a page dedicated to cooking and only display posts with relevant tags attached to them. However, this does not change what information is stored on the blockchain. All non-cooking posts will still be there, and users can interact with those posts the same way using another user interface or through a command console. Perhaps more importantly, any rewards going to those non-cooking posts will still pull from the same rewards pool.
Now that I've set up how user accounts work and the difference between a user interface and the blockchain, we can delve into why banning accounts is unworkable. I'd like to make it clear that bidbots are simply automated processes. There's no magic to them. Bidbots do exactly what a live, human user could do. There are no secret commands or code that only bidbots use to execute their bids and votes.
The proposal to ban bidbots as described by the user I was talking to would necessarily require suspending a user's account. There is no other way to prevent a user wallet from interacting with other accounts on the blockchain except to lock the person using it out of the wallet. However, in order to do that, the wallet access keys would have to be duplicated and stored in a central database for that purpose.
The problem with this here on Steemit is the fact that these are wallets on the blockchain, not just accounts that let you use Steemit. This goes back to the security vulnerability I discussed earlier. Duplicating keys to wallets and centralizing that database would make Steemit as insecure as any exchange. Ask anyone who trades cryptocurrency regularly, and they will tell you not to keep your coins on an exchange for this very reason. It would destroy the most fundamental security measure that the steem blockchain has: anonymity of accounts. This approach would likely be a death blow to Steemit and the blockchain, but in the unlikely event it didn't kill the project entirely, it would cause irreparable harm to the project's reputation.
Alternatively, it could be argued that Steemit could be reconfigured to employ a system like Facebook or Twitter, where users are prevented from accessing the user interface, rather than having user wallets be suspended. This alleviates the security issue with duplicating wallet keys, but this is also an unworkable solution. As I mentioned before, Steemit is just a user interface that organizes blockchain information into recognizable forms. More importantly, it's only one of dozens of such interfaces.
To effectively ban bidbots this way, all user interfaces would have to agree to implementing significant changes into their user interface. Even then, this does not stop bidbots from working, as they interact directly with the blockchain via the wallet, not through a user interface. Any given bidbot could put up an independent site that allows users to transact with the bot outside of a user interface. Minnowbooster does this already. Steembottracker does as well. This solution would require all the user interfaces to implement changes that would ultimately be pointless.