TLDR: I’ve built a Reputation tracking tool that any developer, web2/web3, can use to track user reputation in their app, platform, or community. I need ~50 volunteers to stress-test it, so I get insight into cycles consumption and vulnerabilities to exploitation.
Hello everyone, I’m the founder of Solutio (https://solutio.one/) and in my free time I built a reputaiton tracking tool that I want to use for Solutio to handle token distribution to users that actually help grow the platform. But I need to test it, see how it performs, and help trying to break it. I need volunteers to login, try voting, try cheating, and let me know of your experiences.
Who is it for?
The tool works by users and platforms voting on each-other, and can be used in many ways
- make sure giveaways go to real users
- track buyer/seller reputaitons on ebay/shopify-like platforms
- build web3 social media in which users gain Reputation in the topics they are posting in. Imagine an app where a developer has more influence in topics about programming languages he regularly posts in, while an environmentalist might have more influence in topics related to his expertiese. Can even be used for web3 blogging platforms.
How does it work?
- Users vote on each-other
- Votes carry reputation
- Votes from users with higher reputaiton, carry more weight
- Anyone can create reputaiton #tags, and user reputation is exclusive to that tag.
- There’s a minimum reputation users must reach for their votes to start “counting” (keeps bots and fake accounts at bay)
- Which makes it extremely resistant to bots
- If a user’s reputation changes, his future votes AND is past votes update to reflect the change.
- This means, if a bad actor upvotes fake-accounts or bots, and is caught, as users downvote his account, the votes he made also start losing power.
- Votes decay over time
- Each reputation #tag can create its own rules for vote decay over time, minimum thresholds for being trusted, and minimum number of users to end reputation bootstrapping phase
- During bootstrapping, everyone’s votes count, after bootstrapping is over, only the votes from trusted users count)
- Backend is built using Juno, which means I can set the database to “private” after the tests, at which point not even I will have access to private user information.
- I could even allow users to create #tags in which users can’t see which account cast which vote (accounts are already annonymous unless the user reveals who he is, but this could be an additional level of annonymity).
- I can allow users to create “personas” for each community, so users can keep work and private life reputaitons apart. Gain reputation at #onlyfans without leaking over to your #icp reputation.
What makes it different?
- it is completely annonymous, real proof of human without KYC
- any app can use it like they wish, under their own rules. embed it into your app in any way that makes sense to you. Maybe you vote on users each time they buy, maybe users vote on each-other automatically after successful transactions, or maybe it is just a ‘like’ button that carries a vote in the #tag a topic is about. Use it however you like.
- completely free, and completely open source (though once cycle costs get too high, I might offer big accounts a way to pay for their cycles). This is NOT a for-profit app. I built it to benefit the ICP community.
How can you help?
I built it, and now I need a group of people to help stress test it, and try to exploit it. I want answers (and question) about:
- how much cycles does it use? I highly opimized the code, but the fact that old votes weight changes according to the user’s current reputation means a lot of recalculations over time. I used a clever approach with a mix of caching, partial updates, and ‘calculations as users are queried’ but I’m still curious to see how intensive it can get.
- How easy is it to exploit? Users usually find a way, but I am hoping that this ‘community based’ reputaiton system makes it hard for bad actors to gain reputation without ever being caught. Whenever a bot is found, users can see who upvoted him, and follow the trail to downvote the accounts that are creating the mess.
- What kind of features would app developers want for this? And is anyone interested in integrating? This is a Juno satelite with Candid endpoints, meaning anyone will be able to use this in their app.
So if you’re interested, please let me know. No technical knowledge required, it is a very easy web-interface that anyone can use.
How cool would it be if ICP is the first app to crack proof-of-human without KYC, completely annonymous, and bot resistant?
If you want to help, the test is live: