1 XMR = $330.73

Please login

Region:

Current view: Classic | Threads
Sort by: New | Tips

Open sourcing XmrBazaar?

SoulReaver Donor - Resistor Verified
N/A (0)
Posts: 51
Earned: 0.003 XMR
Tipped: 0 XMR
There has been some renewed discussion in the community lately regarding the open sourcing of the XmrBazaar codebase.

The community seems to recall some mentions of open sourcing happening, so people are wondering if it's still on the table? If so, what the timeline looks like and under which license it might eventually be released?

This can potentially open up contributions to the platform as well as in a QA sense for finding and reporting issues.

Here's a forum post mentioning open sourcing plans:
https://xmrbazaar.com/forum/topic/29/post/115/#post_115

Tagging Douglas_Tuman
Edited: Jun 30 07:52
Tip Monero to SoulReaver
QR Code 8AJJt5FoxgKapYk69YgSLXPaSBYd88hghg32ie25ZXGSFFYgVeKT4ytLkPoCsnJGE3gQninbK6JDUAX4qNCRUqfXFwXe3Hm
Publish Tip to SoulReaver

Please login to publish your tip

nobswebdev Donor - Supporter Verified
5 (140)
Posts: 30
Earned: 0 XMR
Tipped: 0 XMR
Reply to post #1551
+1
Tip Monero to nobswebdev

nobswebdev has not setup a {COIN} tip address yet.

Publish Tip to nobswebdev

nobswebdev has not setup a {COIN} tip address yet.

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 23
Earned: 0.1 XMR
Tipped: 0 XMR
I agree and disagree. On the hand, given the space we're in, making the project open source makes sense, however I also believe that a lot of work has gone into the platform and making it open source means anyone can start a platform that competes with XmrBazaar without having to put in any of the work. Given that this is a platform and not just a simple fediverse instance or a private shop, I think XmrBazaar is better off remaining closed source.

However, that is not to say open source has no place here. The one direction that makes sense is to release a core or community edition which is open source, while not having all the custom features that XmrBazaar has. This way anyone can work on extending it and work on creating add-ons and plugins.

Speaking of the license, we absolutely need a type of license that forbids governments and corporations from using any of the code and tech produced by the open source community. You see this all the time with open source projects. Some corporation comes along, stitches together open source tech without attribution or payment, patents the final product, and then sells it on the open market. This absolutely needs to stop! It is an enormous problem in the open source community and it's about time someone puts a stop to it.

I think this type of license agreement requires far more debate and discussion in the Monero, open source, and darknet communities to define what it can NOT be used for, such as:

- Any government or government affiliate actor can not use the software in any way
- Any corporation can not use the software to create an end product or use it as part of an end product and patent the entirety or the software itself

However, we need proper legal definitions here to ensure there are no workarounds across jurisdictions. I've been thinking about this a lot as I'm working on some projects myself that will eventually become open source and I have absolutely no interest in a government using it, a corporation using it to get rich quick, a company selling the software itself, or products being patented using the software.

One idea I had is to forbid any and all commercial use of the product without acquiring explicit permission. This would effectively prohibit any and all companies, corporations, and commercial actors from ever using the product. That is the explicit rule, while there is an implicit rule too. The implicit rule is that I would never go after legitimate actors, such as people wanting to start their own projects on the darknet and monetize them. Technically, I could legally go after them, but I never would.

Corporations are far more bound to these agreements than actors on the darknet or within the Monero community. I think this absolutely warrants discussion and we need to release an open source license specifically for this. The open source world has been taking advantage of for far too long by corpos, cronies, and corrupt motherfuckers. If the entire open source world effectively started using this new type of license that protects individuals and legitimate businesses, while telling corpos and governments to fuck off, many of these companies would no longer be able to sell their garbage products and it would cost them a fortune to develop it all themselves in house. This would lead to a split between the open source world and the corpo world, which is exactly what needs to happen.

It also opens up a new revenue stream for open source devs. Since corpos now have to acquire explicit permission, the devs could charge them whatever they want just to use the software.

We could start a small group to work on precisely this license type and test it out, then get the community's feedback to close any gaps.
My Website & Blog
Kikuri Darknet Knowledge Base
Tip Monero to yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

AshleyJones Warning Donor Verified Donor - Resistor
5 (8)
Posts: 19
Earned: 0.02 XMR
Tipped: 0 XMR
For one, Doug would say that XmrBazaar would go open source once their donation goal was met -- which it was months ago. They didn't specify the license, but it seemed to be the usual GPLv3 until Aillia disliked seeing someone legally sell GPLv3 on here ( https://xmrbazaar.com/forum/topic/29/ ), where Aillia assumed it was illegal to do so and I had to really clarify that it actually was legal. Since then, Aillia wants to release the code as source available with inability to allow users to use it or modify it for oneself, which is not open source like Doug originally promised.

Just as background checks don't stop criminals from obtaining guns, source available won't stop any anonymous person from replicating source-available software, so it seems to be a moot point. And I suspect we have not heard anything about XmrBazaar going open source since the GPLv3 drama incident because they feel protective over this website and don't want anyone else to do a better website with the code. Or at least, that is how I see things. I believe code should be stripped from ego. I especially suspect this, given that open source benefits the users and the administrators. Instead of loading up work for one person and having to pay one person for all of the development work, you can have a vast array of people contributing at a much faster and diverse rate: for free.

Therefore, the decision seems ego-based rather than a genuine interest in freedom, de-centralization, and hacking.

I am not too keen on XmrBazaar anymore, partially due to this situation. I think the staff is un-educated on a lot of topics concerning:

-Privacy (Doug doesn't even have a basic understanding of tor as demonstrated on his Monero Talk videos).

-Decentralization e.g. clinging to Twitter after getting banned again and again; and the dev thinking that making an accessible onion requires a whole new server, which is not true.

-Basic and extreme misunderstanding of open source and its licenses.

-Using notoriously insecure Matrix chat.

-Registering their domain with GoDaddy and using 1984 hosting. Basic research (and common knowledge for people within these free speech circles) will tell you those are very bad options to go with. Unsurprisingly, issues arose due to those decisions.

These are pretty much the most basic pillars one would come across concerning de-centralization, security, and privacy, so I've found it shocking to see such actions.
Tip Monero to AshleyJones
QR Code 8A11e3NEQXvEbShkwZHd67e12rcM8GfADjSmrywkoZLP5XuakvDuNsp3d8B3RLoUZFRAFry38DM5Z6Gu1vJdbrRzVdbktHR
Publish Tip to AshleyJones

Please login to publish your tip

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 23
Earned: 0.1 XMR
Tipped: 0 XMR
Reply to post #1577
I am not too keen on XmrBazaar anymore, partially due to this situation. I think the staff is un-educated on a lot of topics concerning:

-Privacy (Doug doesn't even have a basic understanding of tor as demonstrated on his Monero Talk videos).

-Decentralization e.g. clinging to Twitter after getting banned again and again; and the dev thinking that making an accessible onion requires a whole new server, which is not true.

-Basic and extreme misunderstanding of open source and its licenses.

-Using notoriously insecure Matrix chat.

---

I agree with all of the above. There is a lack of experience, but so was I when I first started out. There is a lot to opsec, privacy, security, and the darknet and the best way to learn is by doing, especially since there is virtually no information out there on hosting. Plenty of app recommendations by the privacy normies, such as switching from Gmail to Proton, but there is a substantial lack of in-depth opsec discussions and information on actually developing and hosting services. Once again, I learned most of my lessons based on my own experiences of hosting services, tinkering, and breaking things at times. I can just assume that the dev team is largely new to all this.

What I'm concerned about is that XmrBazaar will eventually land in hot waters with the law and if the devs don't have decent opsec, they will without a doubt end up like the devs of Samourai Wallet.

I also don't like that they are using MyNymBox and Godaddy. MyNymBox is a normie privacy host when what XmrBazaar needs is an offshore host. That is offshore as in a jurisdiction that lets you do whatever you want for the most part with a reverse proxy to hide the real IP address. I would be even happier if XmrBazaar discarded the clearnet domain and just went with Tor and i2p only.

I don't know what is happening in the background and how solid the staffs' opsec is, but I can almost guarantee the domain will be suspended by GoDaddy eventually, and there is a very good chance there will be legal problems for the staff as the platform grows. These are real threats and I think a lot of people in the monero community are blinded by ideology and don't acknowledge the actual risks of what they are saying and doing. Are taxes even paid? Does it legally need a business license? Because if no taxes are paid, then that's an easy money laundering charge. Not to mention, there are accounts being sold and "KYC" services provided. It's deep in the grey market verging on black market. If an investigation is ever conducted and charges are brought against the staff, they will without a doubt use everything posted by the staff against them in court, which will make them look even worse to the average judge and gives the media lots of ammo.

I see this problem occurring throughout the Monero community. I could not possibly imagine tying my real identity to my activities here nor going on a podcast and making my voice public. I'm willing to bet that something along those lines will happen here.

My take on open sourcing the platform is "it depends". My primary position is that the open source community should fight back against corpos and governments by not allowing them to use their software as they use that precise software in surveillance tech, identity verification software, and shitty products. I absolutely believe that anonymous users and individuals should be able to use it whatever way they like, but the corpo world has to be blacklisted from using it. Anons don't have to respect licenses, but corpos usually do. You also get far more out of suing a corporation than some random individual. That's something I believe should apply to the open source world as a whole, not specifically to one project.

I do intend on open sourcing my platform later once I have developed a proper fedi integration, but in that case I would release a core. The core does most things, but there are a few custom integrations or features that would be specific to my own platform. Therefor anyone can host their own and contribute code, but there would always be a few features that distinguish my platform from any other hosted one. I believe the same would be useful for XmrBazaar.

The question also is whether XmrBazaar is considered a private or public project. If it is considered a public or community project, then yes, it should without a doubt be made open source. If it is considered a private project, then my suggestion is to release the core and keep the rest private. It may piss off some people in the open source world, yes, however the last thing I would want is to sink hundreds of hours into a project only for someone else to come along and use the code to host their own platform and for their platform to now compete with mine. I think that would be fucking retarded especially since I would keep on making updates feeding a competing business. They have to invest 0 hours into development, I have to invest hundreds of hours and they receive my labor free of charge.

So it begs the question: Is XmrBazaar a public / community project or is a private project?
My Website & Blog
Kikuri Darknet Knowledge Base
Tip Monero to yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

AshleyJones Warning Donor Verified Donor - Resistor
5 (8)
Posts: 19
Earned: 0.02 XMR
Tipped: 0 XMR
Reply to post #1578
I would find it a little shocking that people in the Monero circle wouldn't research providers before going with them. Just as we are suspicious of fiat banking institutions, I assumed others were more apt to research providers before going with them. I do see a divide in technical knowledge between the agorist Monero users and privacy Monero users, and perhaps this is where the issue arose.

When I made a website, I knew I was going to host media that would get me booted from most hosting services. Maybe being a conspiracy theorist and general extremist in all regards made me realize that, starting around ~2015, people started getting booted off of banks and hosting services alike. When it came time to making my website, I had the foresight to know to research domain registrars and hosting providers.

=====

As a truly anonymous person using monero in a smart manner, you can easily get away without paying taxes. In any other situation, it would depend if the alphabet boys are trying to get you in trouble (e.g. doing illegal activity for monero), or if you're large enough and are presumably earning a large amount of XMR, you'd probably have some questions to answer.

=====

As for your idea of keeping open source strictly for the people rather than corporations and government, I would like that too. Problem is, it isn't realistic -- depending on the software. One prime example: Trump's truth social was caught recycling mastodon -- no mentions of where the source code was from, of course. From my understanding, federated software is harder to conceal due to ActivityPub, even if disabled. Even if XmrBazaar releases the code as source available, it doesn't stop anyone with anonymity or the means to conceal the code such as: taking the open source code and re-write (even with an LLM) so it's "new". It seems like whack-a-mole in terms of preventative measures you can't truly control.

As for your question if XmrBazaar is private project or a public community project. It has been community funded (77.2798 xmr = $25,294) to re-coup Doug's initial costs, and he said once he met the donation goal, it would go open source. This situation is very cut and dry, but we'll see what they say.

Donation page: https://xmrbazaar.com/fundraiser/
Edited: Jul 5 03:50
Tip Monero to AshleyJones
QR Code 8A11e3NEQXvEbShkwZHd67e12rcM8GfADjSmrywkoZLP5XuakvDuNsp3d8B3RLoUZFRAFry38DM5Z6Gu1vJdbrRzVdbktHR
Publish Tip to AshleyJones

Please login to publish your tip

SoulReaver Donor - Resistor Verified
N/A (0)
Posts: 51
Earned: 0.003 XMR
Tipped: 0 XMR
Reply to post #1578
I keep writing about these things.

The GoDaddy problem:
https://xmrbazaar.com/forum/topic/262/
Godaddy issue isn't if, it's when.
(don't shit on me for recommending consolidating on 1984, I had limited knowledge on that)

The KYC acc sale problem:
https://xmrbazaar.com/forum/topic/270/
(And yes, services/assistance labels isn't fooling anyone)

Grey/black market issue isn't isolated, you can find heavily controlled and regulated substances (on their jurisdiction) and government ID circumvention software around that stay up regardless if you report them or not, so I'm not surprised that you look at the landscape and want to see this as a TOR/I2P only site, but this was never meant to be a grey/dark marketplace, IIRC this was always advertised as a clear, Clearnet marketplace where people sell normie stuff like food and clothes, electronics etc. I have the feeling the platform is going through an identity crisis between what it wants to be and the high leniency it shows to listings and sellers turning it into something else that was not originally intended and making it's survival on Clearnet harder.
Discarding the Clearnet domain and just going with Tor and i2p not only would be antithetical to the platform's intentions, that would also permanently cap it's adoption ceiling once/if it's off of the Clearnet.

With all due respect to all the work going on, the platform isn't reinventing the wheel. The general marketplace structure isn't something new, messaging is based on PGP, escrow is based on multisig. Largely implementation and combining of existing components rather than some truly unique, new invention that's super hard to replicate.
What I'm trying to say is that platform's moat isn't necessarily the code itself.
There have been numerous attempts of Monero marketplaces coming before.
It's more about (assuming your goal is a clearnet marketplace):
- Attracting and retaining userbase and quality vendors
- Willingness to continuously fight against platform turning into grey/dark market
- Willingness to combat against platform manipulation
- Eradication of bad actors
etc.
It more comes down to implementation details IMO.
So, the idea that if/once platform goes open source, there can arise a contender bigger/better isn't a definitive concern. Even if that happens, since the beginning the continuous mission statement is expanding Monero circular economy, so in theory, if open sourcing the platform helps achieving and expanding that goal further, it's direct realization of mission statement anyways. Open sourcing XmrBazaar isn't antithesis of mission statement here, it's the direct, natural extension.

Your ability to offensively enforce a software license matters to the degree of your ability and willingness to pursue litigation. Enforcement requires deep pockets, time, and a willingness to fight, especially across jurisdictions that won't always necessarily take your request seriously. Therefore, if you're a small/single entity with a limited budget, you cannot use a license as a sword to hunt down bad actors as effectively as you might think. But it may remain a shield for liability protection and automated corporate compliance (Limitation of Liability, AGPL gotcha, DMCA if you're lucky). This's besides points Ashley made about technical and realistic difficulties of proving and enforcing it.

I've been talking with 10s of different people on the platform both vendors and regular users, lots of people are irked by grey/black market area listings going around and other issues. But only a handful of us (me, Ashley, you etc.) take the time to write about these things on forums. Provided you think it would make any difference, it would benefit to hear more voices here represented if we were to have any hope and action on improvements.
Edited: Jul 5 07:13
Tip Monero to SoulReaver
QR Code 8AJJt5FoxgKapYk69YgSLXPaSBYd88hghg32ie25ZXGSFFYgVeKT4ytLkPoCsnJGE3gQninbK6JDUAX4qNCRUqfXFwXe3Hm
Publish Tip to SoulReaver

Please login to publish your tip

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 23
Earned: 0.1 XMR
Tipped: 0 XMR
Reply to post #1581
If it's a public / community project, then I believe the code should be made open source for anyone to use. That changes the equation drastically. Although donations alone don't mean it is private as you can easily donate to private projects as well, so it becomes a question of intend and expectation and what the users who donated expected from this project. Since it was donation driven, yes, I would want to see it open source. When it comes to public / community projects I would also want to see how the funds were used and divided for the sake of transparency and accountability.
My Website & Blog
Kikuri Darknet Knowledge Base
Tip Monero to yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 23
Earned: 0.1 XMR
Tipped: 0 XMR
Reply to post #1582
I've talked about this several times before, but I'll bring it up again. I consider Monero agorists to be largely delusional. It's important to understand what exactly gives Monero its value and it's not some libertarians wanting to buy a cup of coffee or a shirt with Monero. What matters isn't "want", it's "need" (i.e. utility). It's the utility value that matters. The hard truth is that Monero is unlikely to ever become mainstream, at least not in the way that the agorists want it to be. Cash is far easier and more practical in daily transactions, in B2B barely any business will accept crypto and much less Monero, and crypto largely receives its value from people thinking it'll go up in value and not from the actual utility value.

Monero is the currency of the darknet and the reason for it is the plausible deniability and anonymity it provides. This is ideal for money laundering, black market transactions, and other types of transactions that you don't want governments knowing about. This is the utility value it provides. It will not suddenly replace everyday eCommerce stores, it won't replace credit and debit cards, it won't replace banking accounts. The majority of Monero's values does not come from agorists, it comes from illicit uses and investors / traders.

I also wrote more on that in another thread: http://XmrBazaar6wzcr3wvj4anpnfwv5tcikgdurtzzfba233g52fa2fjx3qd.onion/forum/topic/221/page/1/

Execution and market fit are the primary problems at this time as I see it. Lots of shady vendors exist on the platform, so you can either start optimizing the platform for those vendors or you can kick them out and lose a large number of listings.

It also doesn't help that so many Monero projects are vibe coded and end up vanishing within a few months.
My Website & Blog
Kikuri Darknet Knowledge Base
Tip Monero to yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

SoulReaver Donor - Resistor Verified
N/A (0)
Posts: 51
Earned: 0.003 XMR
Tipped: 0 XMR
Reply to post #1584
There's some Clearnet Monero P2P market demand but it most likely has certain PMF and TAM ceilings as you mentioned.
We currently have very limited definitive view on the amount of action that's going on here.
Last report we had:
https://themeritocrat.substack.com/p/XmrBazaars-best-selling-categories (lowercase the X and B from XmrBazaar, I've no idea why the forum is aggressively capitalizing those. Sounds like some unnecessary regex going rogue and breaking links...)
(url shortened version to bypass forum messing w/ my text: Link )
However surely you can make some reasonable guesses from outside.

I too get the impression that currently grey/dark leaning listings might be leading on the action front, though I'm not 100% certain. We'd benefit from a permanent, frequently refreshing stats page showing industry standard tracking metrics like DAU/WAU/MAU (Daily/Weekly/Monthly Active Users), GMV (Gross Merchandise Value), AOV (Average Order Value), conversion rates, and user retention, among other standard platform measurement metrics. I did such request some time ago, but IDK if/when the development priorities will reach that point.

I don't quite see the general sentiment that Clearnet Monero market will become this huge thing, I think opinions around here are usually more grounded. The intention seems to be capturing some slice of private legal P2P marketplace.
I realized you mentioned there are some knowledge gaps on what the people involved actually think about things. Admin has some writing about the platform, and you can piece together some of the approaches from that. But I want to set expectations here that this is less than 1/3 of the thinking going on from the people involved. Considering there's the dev (Anariko) and Doug, and it seems the buck stops at Doug, he has oversized influence, which is probably where the majority of the execution angle you brought up is coming from.
https://themeritocrat.substack.com/archive?sort=new
Edited: Jul 5 07:11
Tip Monero to SoulReaver
QR Code 8AJJt5FoxgKapYk69YgSLXPaSBYd88hghg32ie25ZXGSFFYgVeKT4ytLkPoCsnJGE3gQninbK6JDUAX4qNCRUqfXFwXe3Hm
Publish Tip to SoulReaver

Please login to publish your tip

AshleyJones Warning Donor Verified Donor - Resistor
5 (8)
Posts: 19
Earned: 0.02 XMR
Tipped: 0 XMR
Reply to post #1582
>IIRC this was always advertised as a clear, Clearnet marketplace where people sell normie stuff like food and clothes, electronics etc.
This is true. They compare it to Craigslist on their "About" page here: https://xmrbazaar.com/about/ . I would like to see this website be more concentrated with those things you listed; just as you would see on Craigslist or eBay. But things like account sales (which is an issue they've gotten in trouble for), among other middling services have a large dominance over the former.

And you raised a really good point. This platform isn't anything we haven't seen before. In fact, there are many ways to plug-and-play a similar website quickly for way less than $20,000. Probably under $100. So if someone wants to make a monero marketplace, there are plenty of resources to do so very easily. Whether the code is public or not doesn't change whatever competition they could face -- that's always something that can crop up, and has, and will. Just a little bit ago we had Monero Market. So something else will probably come next. And something will come after that. Etc. That doesn't change the fact that there are many people who like XmrBazaar, and have placed trust in this operation, and want it open source for the sake of contributing to the platform's code, helping with vulnerabilities, and building an atmosphere that is much more closely aligned with what Monero is: open source, by the community, for the community.

And as yuzuki brought up, there is an issue of the agorist crowd operating as if the rules are what they wish, rather than reality. Someone operating under that assumption will be met with continual failure and frustration, as we've seen with the numerous little roadblocks XmrBazaar has faced. It makes me wonder: how well is the code written? From what we can see on a public level, there are multiple issues that more experienced web developers here wouldn't make.

On a really minute level that may reflect a bigger picture: I recall pointing out in the Trollbox that when using dark mode, the CSS he had written inverted the colors on a picture which made reds appear pink, with the specific snippet that caused this issue. This was not good for clothing listings, as the colors did not reflect reality. I mentioned that there was a better way to darken pictures for dark mode. The dev had written a response in the Trollbox that he and I both knew didn't tie into what was actually happening, it seemed like an excuse to cover an accident or save face. It left a bad taste in my mouth, because there shouldn't be a reason to lie or save face for something as small as a line in CSS. Anyone who works in IT has faced this exact scenario though. I wish I could recall his exact response, but this was over a year ago.

I recall either Doug or the dev saying he wanted the code cleaned up a big amount before going open source. So, my worry is... is it vibe coded? Is that maybe the real reason we haven't seen any movement about this going open source? If it's human written, then why do we care if the code is embarrassing? As I said, code is not an emotion. It shouldn't be tied to an ego. From a logical standpoint, XmrBazaar would have validity over any other competing platform if they made it open source.
Edited: Jul 5 07:19
Tip Monero to AshleyJones
QR Code 8A11e3NEQXvEbShkwZHd67e12rcM8GfADjSmrywkoZLP5XuakvDuNsp3d8B3RLoUZFRAFry38DM5Z6Gu1vJdbrRzVdbktHR
Publish Tip to AshleyJones

Please login to publish your tip

Page:
1
You must login in order to publish a post