For those of you not on Keybase yet, here's the most important piece of information in the post:
"To qualify: you must have a Keybase account registered before this announcement OR if you're new to Keybase, you must connect your Keybase account to a GitHub or HackerNews account that was registered before this announcement. This is to prevent bot signups to Keybase."
It fails to mention that Github and HN accounts must be older than January 1, 2017. This is what I saw in the app when I tried to join the airdrop: https://i.imgur.com/ZOZ1rB7.png
I hope that's an accidental omission and not an intentional dark pattern.
Not a dark pattern, an accidental leftover string from our testing. Any account registered before today qualifies. I'll deploy a fix to that shortly. Update: deployed, although you may need to restart your app to update the text.
Sucks you had the sign up date prior to the announcement. When I read the announcement I immediately signed up for a keybase, HN and Github account and then find out I cant be included because I signed up on 9/9/2019. You would think that would be the incentive to at least give a little buffer for people to join in that were not aware.
The fact it's tied to a Keybase wallet is important because Stellar's path payments functionality was just launched on Keybase. To summarize, you can use Keybase to send someone any asset they'd like using any asset you're holding, all on Stellar's decentralized exchange. It happens transparently behind the scenes to convert assets: https://www.stellar.org/developers/horizon/reference/endpoin...
I'd normally be with you on this and I get the sensitivity to cryptocurrency (more-often-than-not-snakeoil) posts, but I think this is interesting because of the broader implications:
(1) Keybase is an interesting product -- on its own, it's a great product (I've been a user since before `kbfs`) that's well designed, its architecture and implementation is interesting and its features are practical/useful to a lot of us. I don't know that they've made public/private key cryptography accessible to everyone, but it's a far cry from every other attempt I've seen.
(2) At least, for me, I didn't understand the reason for Stellar's integration. A lot of people ran to "quick buck"/"another crypto-play", but it just didn't seem consistent with the way keybase had been operating up to then. There were already many shared technologies involved, along with a company that, thus far, has had me excited with every new feature announcement, I remember saying "not sure how good of an idea this is, but if it can be done, they're the ones that could probably do it".
And their purpose for the currency, from what little I (probably don't) understand, is not to hold/trade but use it to purchase.
I hadn't touched the Stellar wallet feature, at all, because I didn't care to figure out how to put cash money into a crypto account "for no reason". I'm not a cryptocurrency investor (I've mined a bit). The thing of it is, I cared so little about it that I didn't even bother looking if there was a reason to toss some funds in. Now I don't have to and they just bribed me to investigate, further.
I'm guessing this is mostly a marketing play. Hopefully I'll find some good reason that I want $20 in Lumens; if that's the case, then they saw what was needed to hack me.
I think the interesting thing about a cryptocurrency working with keybase is that it is a solid solution to the "am I sending this money to the person I think I am" problem. If I owe someone $20, I might or might not know their venmo name, or their bitcoin address, but I probably know their handle on github, hacker news, twitter, reddit, etc.
I'm not sure it's a great idea to place a $20 bounty on breaking into anyone's Keybase, GitHub, or Hacker News account? And this bounty will go up every month, until something breaks?
The weak link here seems to be Hacker News since it's protected only by a password.
How does compromising a GitHub or HN account compromise the linked Keybase account? Yes, you can link to those accounts on Keybase, but the trust relationship is going the other way: Keybase is proving that you had access to those accounts (on a particular day).
I think the implication is that an unlinked and appropriately aged Github/HN account can be compromised to get 20 bucks by compromising and linking.
I'm sure if someone actually reached out to @malgorithms saying "hey someone stole my GH/HN account out from under me to get the 20 bucks" they'd resolve the issue.
That's assuming you would notice. I just linked my HN account to Keybase, then deleted the proof from my HN profile. The link doesn't seem to be revoked?
It seems like an attacker could do that, and I don't know when you'd first notice that your HN profile is linked to a Keybase account that doesn't belong to you? Particularly someone who doesn't use Keybase.
The link isn't removed on the keybase side but the next time it's checked it will be flagged as bad. Clients will check it automatically when you follow; otherwise, I believe what happens is the system will periodically check it and cache that data for some time (so that way you're not hitting the external services every single time you visit someone's profile).
I would assume the airdrop ensures the GitHub/HN proofs are up-to-date before sending the lumens.
It depends on how you interpret your jurisdiction's tax laws. in the united states there are some tax professionals that would count airdrops as taxable, and others that wouldn't if you never plan to claim the airdrop.
First - this will apply to HN users with a Keybase account who have opted in to the airdrop, not all HN users.
I am not a CPA, but I think there are two things involved here (for people in the US):
1. This is a gift, but the value of it (about $20 right now) is less than the gift tax threshold.
2. Lumens are probably (?) treated like bitcoin, which are treated like a security, not currency.
I think this means that yes, there are tax implications. You will be obligated to pay short- or long-term capital gains tax when you elect to 'sell' the Lumens, and the cost basis will be the fair market value of the Lumens on the day you receive them from SDF.
Again, not a CPA, tax lawyer, or anything like that.
I have a Keybase account with a wallet. I haven't actually used the wallet for anything, but it does exist. And I didn't receive any lumens.
If this surprise gift was for "each active Keybase user", how do they define "active Keybase user"?
Edit: Also, the desktop app didn't show anything about joining the monthly airdrop. I had to fire up the mobile app to see it.
Edit 2: After fully quitting the desktop app (including status item) and relaunching, the Wallet section finally shows an "Airdrop" entry. I shouldn't have to fully quit out of Keybase for this to work though.
26 comments
[ 3.0 ms ] story [ 50.7 ms ] thread"To qualify: you must have a Keybase account registered before this announcement OR if you're new to Keybase, you must connect your Keybase account to a GitHub or HackerNews account that was registered before this announcement. This is to prevent bot signups to Keybase."
I hope that's an accidental omission and not an intentional dark pattern.
Seems like every other coin/product giveaway to seed users on a platform, but I'm not super familiar with the Stellar network.
The fact it's tied to a Keybase wallet is important because Stellar's path payments functionality was just launched on Keybase. To summarize, you can use Keybase to send someone any asset they'd like using any asset you're holding, all on Stellar's decentralized exchange. It happens transparently behind the scenes to convert assets: https://www.stellar.org/developers/horizon/reference/endpoin...
If it lends any credibility to you, Stellar was initially backed by Stripe in 2014: https://stripe.com/blog/stellar
(1) Keybase is an interesting product -- on its own, it's a great product (I've been a user since before `kbfs`) that's well designed, its architecture and implementation is interesting and its features are practical/useful to a lot of us. I don't know that they've made public/private key cryptography accessible to everyone, but it's a far cry from every other attempt I've seen.
(2) At least, for me, I didn't understand the reason for Stellar's integration. A lot of people ran to "quick buck"/"another crypto-play", but it just didn't seem consistent with the way keybase had been operating up to then. There were already many shared technologies involved, along with a company that, thus far, has had me excited with every new feature announcement, I remember saying "not sure how good of an idea this is, but if it can be done, they're the ones that could probably do it".
And their purpose for the currency, from what little I (probably don't) understand, is not to hold/trade but use it to purchase.
I hadn't touched the Stellar wallet feature, at all, because I didn't care to figure out how to put cash money into a crypto account "for no reason". I'm not a cryptocurrency investor (I've mined a bit). The thing of it is, I cared so little about it that I didn't even bother looking if there was a reason to toss some funds in. Now I don't have to and they just bribed me to investigate, further.
I'm guessing this is mostly a marketing play. Hopefully I'll find some good reason that I want $20 in Lumens; if that's the case, then they saw what was needed to hack me.
The weak link here seems to be Hacker News since it's protected only by a password.
I'm sure if someone actually reached out to @malgorithms saying "hey someone stole my GH/HN account out from under me to get the 20 bucks" they'd resolve the issue.
It seems like an attacker could do that, and I don't know when you'd first notice that your HN profile is linked to a Keybase account that doesn't belong to you? Particularly someone who doesn't use Keybase.
I would assume the airdrop ensures the GitHub/HN proofs are up-to-date before sending the lumens.
I am not a CPA, but I think there are two things involved here (for people in the US):
1. This is a gift, but the value of it (about $20 right now) is less than the gift tax threshold. 2. Lumens are probably (?) treated like bitcoin, which are treated like a security, not currency.
I think this means that yes, there are tax implications. You will be obligated to pay short- or long-term capital gains tax when you elect to 'sell' the Lumens, and the cost basis will be the fair market value of the Lumens on the day you receive them from SDF.
Again, not a CPA, tax lawyer, or anything like that.
If this surprise gift was for "each active Keybase user", how do they define "active Keybase user"?
Edit: Also, the desktop app didn't show anything about joining the monthly airdrop. I had to fire up the mobile app to see it.
Edit 2: After fully quitting the desktop app (including status item) and relaunching, the Wallet section finally shows an "Airdrop" entry. I shouldn't have to fully quit out of Keybase for this to work though.