0 sats \ 2 replies \ @toyota_corolla0 25 Apr \ on: "Federated" is nomenclature used by scammers to mislead the non-technical bitcoin
Hello, I have built a module for fedimint and have some knowledge of the inner workings.
The examples you put forward are accounted for in the fedimint implementation. The invite code used to join a federation contains all the public keys of the guardians in that federation. The client ensures data received from the federation is signed by a threshold of the guardians.
Lightning gateways are implemented in fedimint in a way that gateways cannot steal users funds.
I would argue that fedimint is actually harder to justify to the regulators because of its great privacy guarantees. I agree that public federations could very likely be targets of rug pulls from the governments they operate under.
By their own documentation, the security model is bank runs... It's not even multisig (I'm aware they are pursuing FROST but that begs other questions about the coordination)
A client that verifys signatures can eliminate some of the communication layer risk, but it still comes down to single point of control transactionally, including ingest of the destination specified by the client.
Important to remember that at a high level these are perpetual motion machines, if they worked as users are lead to believe, Bitcoin wouldn't be needed because we could forego PoW consensus and call it good with quorum.
As for scamming the regulators, the holy grail is breaking up custodianship into countless pieces. Federations are re-centralization tech, and therefore and an attack on that vision.
reply
If its not multisig, then that defeats the whole purpose of a federation.
The client can broadcast their transactions to multiple guardians to mitigate transaction censorship from malicious guardian.
Federations are just another way to run custodial bitcoin. They have a different trust model than the traditional single custodian controls everything. They still require total trust that a group of the guardians won't go malicious.
reply