Thinking about this more I’ll add a warning to the account in question so it’s easier to spot on the explorer.
However this is just a quick fix and will rely on trusting me to assign the warnings correctly, going forward I’d like to implement a more robust system for reporting scam addresses but need to research the best way to do this I’ll look at etherscan to start with and would like to hear any input or suggestions you all have.
Additionally I noticed the address in this case used the plasm bot, should flagged addresses also be banned from using this service? I don’t want to assist the scammers but I also don’t want to be seen a picking and choosing who can use the services on offer
This leads me to believe this person could be someone more active in the community. Not sure about banning people from the service. That is a slippery slope and will be very hard to manage and then it becomes centralized.
To be clear on this matter, I would like to point out that both the victim and the scammer reached out to me after they made the deal. There was nothing I could do to reverse the transaction since the victim decided to use an unauthorized escrow.
Before the victim reached out to me, the scammer DM’ed me asking if there was a way to get Plasma fused for his address. Since he did not own any QSR, I redirected him to the Plasma bot on Zenonhub.io. Afterwards he used the bot to fuse Plasma to the fake escrow address (containing the stolen QSR).
It is a very unfortunate event, but I don’t think we should ban users from using the Plasma bot in the future… Dealing OTC is always risky and should not be done without proper due diligence… Hopefully we can see the P2P swaps integrated in the near future to avoid these kind of scams entirely.
P.S. I do agree on blacklisting scammer/hacker addresses, if possible. Malicious acts should not be condoned on our network.
Blacklisting malicious addresses is common practice and, frankly, a necessity sometimes. It would also help make it harder for the scammer to spend those funds if we map all addresses interacting with the one used by the bad actor.
Decentralization refers to governance. As long as not only a single person can ever swing the ban hammer, there’s no reason not to prosecute scammers. Libertarianism condemns harmful behavior.
Blacklisting is literally pointless. P2P atomic swaps fix this, no reason to “send first” ever again in your life. With the flow created by vilkris and co, it’s even delightful to use within syrius.
Additionally, privacy will be essential moving forward (speculation but reasonable to assume), so it would be trivial for bad actors to take advantage of these features too.
On top of that, we currently have auto receive on (pending alienc0der’s feature) so I suggest the scammer sends the funds to shazz so we can map his address to that of the bad actor.
I think its important to highlight possible bad actors to help raise awareness and inform users but I agree that blacklisting from services is the wrong direction to go. Looking at etherscan.io they have a Google form to submit scams and manually review the evidence provided, if confirmed the account ends up with a warning on it: https://etherscan.io/address/0x09750ad360fdb7a2ee23669c4503c974d86d8694
So I propose a similar system with any discussions/evidence posted to the forum for transparency and maybe a vote to gain consensus. If confirmed the account will end up with a banner and a link to the evidence like this (just a preview not live yet):
If there are any other known scammers feel free to submit PRs to add them (providing evidence as well), or tag me in the forum. I dont want to be the only one deciding who gets added to this list so I’ll ask for community input before any further changes are pushed live.