Suspicious activity: change to pending + challenge by a user on this forum

@mateodazab Can you comment on this case? It appears that you changed the registrant’s state to Pending so that you could immediately Challenge them. My apologies if I’m incorrect:

Mateo’s profile w/ address: Proof of Humanity, a sybil-proof list of humans.

Case 709 brought by Mateo: Kleros · Court

Etherscan pages for Mateo’s address showing the change-to-pending on the victim and immediate challenge:

My sincerest apologies if I’m mistaken.

cc: @ludovico

Hey! That’s indeed me, very cool that you found out.

I did this to show the vulnerability that currently exists. It’s pretty unfair but the system allows it.

I decided to do it in pos of this proposal [Phase 1] HIP-12: Let users decide to "Accept" vouches when your profile is in vouching phase that it’s getting actually objected.
I wanna make the point that we are allowing many extra interests to occur besides the principal that is identity verification, if we want to let this be useful for everyone we have to make it the most fair to use. I would love to see this network of humans as fair and resilient as possible. Even if I have to serve as the “black hat” and easily reachable hacker ( the worst in humanity )

I want to see how the Kleros court reacts and how fair the result is. My friend’s result on the case described in my proposal was costly and very unfair, they denied the profile even after showing new evidence, but there was no discussion at the moment, I believe the court is very black and white in decisions and they are losing the point of curating properly the humanity of people.
I decided to not do it anonymously and make the discussion more public, I’m happy and excited you found it because we can get to talk about it, unlike my friend’s case I couldn’t blame it to anyone ( I believe there’s also a proposal around there to only allow challenges from humans )

Now let’s debate!

Remove the part that it’s me and it was someone anonymous instead, what’s the difference between this action and the one rejected to my friend, some unknown gave him the vouch and then someone challenged. If the Kleros court is always going to be black and white on decisions like this then we can make a stronger system by adding the vouch acceptance which I’m proposing. The other option is to make the court’s guidelines more fair for the system. We want a network of real people, mistakes are the most human thing, so is the goal to curate that or just slashing profiles like robots?

I’m very interested in seeing how this develop. And again, my objective with this is to make our system more resilient and fair. Not to win/lose money or catch a fight :smiley:

EDIT: By the way. I forgot to address the status change to pending. I’m not aware if the action is blocked for only humans or not, but anyway I did it to move fast and be more obvious. No other reason
EDIT2: Anyone can actually speed up the pending stage, so the ‘attacker’ could have also done it anonymously

1 Like

Also important to mention, I compromise to return the stake to Nicolas after the court is decided, which I HOPE to lose, clearly he is human.

It’s not about the money, it’s about making it a little clearer that it’s a vulnerability on fairness - today we are more than 5K, what would happen when we get to millions?


Thank you @mateodazab ! I appreciate all the thought you put into this. I totally remember the case you’re talking about.


There is no vulnerability on fairness. It’s a TCR, if someone submits some information which is incorrect, this someone will lose its deposit.
Asking people to accept vouches would cost extra gas, lower the UX and slow down adoption (as submissions will move slower due to the extra time for accepting vouches).

Allowing people to correct their information when they are challenged would not work because:

  • You could try to attack for free (and correct if you are caught).
  • The challenger would be the one losing its money, so this would kill the challenger ecosystem.
  • Even if something is not an obvious attack, allowing incorrect submissions could still be a risk as they would make the use of tools (such as face/voice recognition) to detect duplicates and deepfakes harder.
1 Like

Hope this leaves some kind of mark for the future even if it doesn’t change the current flow

Also, here I leave the tx hash of the balance returned to the registrant - the court found the case lost as expected