pull down to refresh

Mint Auditoraudit.8333.space/
2824 sats \ 14 comments \ @ek 10 Oct 2024 bitcoin
zaps forwarded to @calle (100%)
I've built a thing: The Cashu mint Round Robin auditor

An app that perpetually monitors a list of mints by randomly sending Lightning payments between them. Forever. The sats go in a circle until all is lost to fees or rugs. If a mint fails to pay an invoice, it is marked with a scary red label.

You can donate Ecash from any mint to add it to the list of audited mints!

note1sl4yllteusns2m7n9e2408nqdzcx298t9xj484lr4zr769mweeksgnht94

write
preview
related posts
11 sats \ 5 replies \ @fanis 10 Oct 2024

An interesting point is that it works only because mints are blind.

reply
11 sats \ 4 replies \ @ek OP 10 Oct 2024

Can you elaborate? I am not sure what blind signatures have to do with this. This is using lightning transactions between mints, mints can clearly see where they send sats to.

reply
243 sats \ 3 replies \ @fanis 10 Oct 2024

By "blind", I mean that a mint doesn't know which user an ecash token "belongs" to. If they weren't blind, mints could always honor withdrawal requests from identified auditors, thus appearing trustworthy while rugging other users.

In other words, it works because a mint can either rug everyone, or rug no one. They can not rug one user in particular.

reply
55 sats \ 1 reply \ @ek OP 10 Oct 2024
If they weren't blind, mints could always honor withdrawal requests from identifies auditors, thus appearing trustworthy while rugging other users.

Ah, I see. My point is that in this case, mints could always honor withdrawals to other mints but not anywhere else to make this tool less useful. The mints essentially audit each other.

But at least this means you could always swap to a different, honest mint before withdrawing to your own wallet.

I think BOLT12 can fix this.

Btw, I still think this tool is useful. I am just trying to point out limitations.

reply
111 sats \ 0 replies \ @fanis 10 Oct 2024

I guess it depends on how much actual mint-to-mint transactions there are. If there are a lot, then audits are hidden in the crowd. Else, what you describe is indeed possible.

And yes, Bolt12's receiver privacy probably fixes this ๐Ÿซก

reply
55 sats \ 0 replies \ @DarthCoin 10 Oct 2024

blind rug pull ๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚

reply
11 sats \ 2 replies \ @Thereal 10 Oct 2024

Can you explain this to a newbie like me

reply
196 sats \ 0 replies \ @DarthCoin 10 Oct 2024

ecash mints are practically custodians for "gift cards" that supposedly should be backed with same amount of sats.

In order to use these custodian mints, you need some kind of audit, to be sure you will not be rug pulled.

So this audit app, is sending random ecash tokens between mints to see if are responding correctly, alive and function properly. Is a simple form of checking the mint.

reply
180 sats \ 0 replies \ @ek OP 10 Oct 2024

Ecash mints are custodians so they can rug you.

To alert users of a mint that it might be in the process of a rug, this tool automates payments between mints. If a mint fails to pay an invoice, it will be marked so others can avoid it. It doesnโ€™t prevent rugs, itโ€™s only monitoring.

reply
33 sats \ 0 replies \ @siggy47 10 Oct 2024

I just posted about this before seeing your post. This could really be fantastic if it can't be gamed.

reply
11 sats \ 0 replies \ @TheWildHustle 10 Oct 2024

Really cool.

reply
11 sats \ 0 replies \ @DarthCoin 10 Oct 2024

Ha! Nice to see how mints can be audited. Very interesting.
Donated some tokens.

reply
0 sats \ 0 replies \ @Wumbo 11 Oct 2024

This got mention on Rabbit Hole Recap this week:

view on www.youtube.com
reply
0 sats \ 0 replies \ @bature 10 Oct 2024

This is great.

reply