Id really like to understand your concerns.
It seemed in the first message you said that you know that the sybil defense is weak. How do you know this?
In this message you seem to be saying theres a legal issue. What legal issue is it? We have talked to multiple lawyers and our partner has the necessary licenses.
Ah thats an interesting perspective. So while everyone can participate either with fiat or crypto, the concern isnt whether everyone has a way to participate, it is that some people can participate easier which is unfair. Is that right?
Would we have some way to know demographics of just crypto? We would need a way to compare
Hi all,
Iām glad we can discuss the merit of certain features.
I believe:
- Helping someone acquire/earn their first crypto to donate > having someone donate with Paypal.
At the same time, I also believe:
- Having someone donate with Paypal > having someone not donate at all.
I can understand where the concerns related to PayPal donations come from as: 1. Itās harder to validate their independence than onchain donations and, to a lesser extent, 2. Many underserved communities canāt access PayPal (as easily).
We should continue to monitor these effects, but I feel the largest wins can be made by continuing to make it easier and more rewarding to donate onchain and stick around!
- If Sybil Defense relies on PayPal alone, then it is weak and have many attack vectors.
- If a Payment can be disputed 180 days via Buyer Protection, then whoever is receiving the PayPal Funds is liable for 6 months on the possibility of having a claim opened against you.
- If a central entity/group (people who provide the list of āFiat Donorsā to the Round Manager) have the decision-making over Model-based Detection, then youāre introducing another attack vector that relies on a workflow that already introduced few attack vectors (PayPal)
- If a merchant is being used to āreceiveā the PayPal funding and convert this into $USDC and charge a fee during this process then this is considered a āsale or purchaseā and applies the same 180 days Buyer Protection; meaning that if Red Team decides to attack a round then you may not notice the issue until Chargebacks Claims start to pile up and your merchant start calling.
- If a merchant is being used to process global payment for anything crypto related then i guess this will be a āhigh-riskā merchant, if this merchant provides the assurances that they handle Chargebacks then yay you have 1 less problem in your plate but still if your Sybill strategy relies on PayPal then it is weak because PayPal as a TradFi System have many attack vectors on its own.
Hi wasabi, for the many attack vectors that mean weak dybil defense, where is this information from?
Plenty of reports by doing a Google search showcases how cheap is to attack PayPal
This is a cool one; Dark web prices for stolen PayPal accounts and credit cards
Yes, it is unfair, it makes it more easy for some than for others. In Brazil for digital payments we use something called Pix, not Paypal. So imagine if the Round had allowed Pix donations, but not Paypal ones, how would the non Brazilian grantees feel? If Pix was allowed, I would get my mother, family and friends to donate. But Pix is not used in other countries, so it would be unfair with Paypal donors, and would of course only favor Brazilians.
Imo the safe method, where everyone can participate in a democratic way is for grantees to invest in educating their supporters about autocustody and web3 tooling for public goods.
Taking into consideration @LuukDAO comments, I agree with him that donating with Paypal > not donate at all. To solve this problem maybe round operators could add a box for the projectās Paypal/Pix/Stripe/etc addresses and people could donate in fiat directly to them if they prefer. However letting these donations get matched with community funds is very unsecure, inequal and maybe not aligned with Gitcoin intents.