Bountyserver Round2

snow snow at smoke.suba.com
Thu Nov 28 00:35:27 PST 1996



Thank you all for you comments and input. I am in the process of rewriting
the propsal to make things clearer, and to revise some of the procedures. 

The original draft will, and the revision will be up at 
<http://www.bounty.com/proposal.draft.html> by the time most of you get this.

I am making a single reply, rather than one at a time to save time and 
bandwidth. I wrote these replies before I started working on the revisions
to the proposal, so things might have changed a bit.  

Matt:
> >      This mechanism should be as simple as possible, and as easy to use as 
> I assume you will make it all web based?  Make sure you are using a 

     Yes. It is going to be web based, with (hopefully) email and Usenet 
access.

> secure server.  Pay close attention to security of the underlying OS. 

     I am planning on using Apache-SSL or Stronghold, if I can afford it, with
Linux as the underlying OS. I plan on disabling telnet access as soon as the
server starts accepting credit card numbers. Anyone who then need shell access
will have to use SSH. 

> >      Originally I proposed this to apply to software, but I don't see why 
> >      it should stop at software. Initally the server will be restricted 
> >      to software, but I hope that this will work out, and be expanded 
> There is no reason that it should only apply to software, so I am 
> glad you are thinking this way.  Realize that your costs will go up 

     Software is my main objective, and software is easier.  

> if you applythis to non-software related industry.  You may need to 
> hire experts in other industries, etc.  Of course, it may all pay off 
> anyway for you.

     Yeah. There is that. The other technologies I was thinking of were more
in the realm of algorythms and protocals rather than hardware. Hardware is 
possible, but difficult, and may (would) be better suited to Ian's proposal.

>> The proposal:
>>     What I am going to attempt to do is to set up a "Bounty Server" where 
>>     send their initial "bid" to the organization.  
> Presumably web forms that generate a standard piece of output so that 
> developers dont have to sift through "original" specs.  I have 
> questions about bids, but ill get to that later.

    Prozactly. 

>>    This is the "bounty". Other people can add to this bounty, allowing the 
>>    and the server operators. Other technology will be figured out as it 
>>    becomes necessary.
> You will need to make several things clear here.  When people "add" 

    <snip>

> not.  It is not impossible to solve this problem, it just takes a bit 
> of good wording in the Contract.

     I understand that. If you are willing, I will ask for your opnion on the 
wording.
 
>>   The initial bounty contract gets posted to the WWW server, (possibly) to 
>>    a "developers list" of interested people, and (possibly) to an 
>>    appropriate UseNet Newsgroup.
 
>This may not be a popular point but you asked for legal tips 
>(/disclaimer BTW, this is not to be relied upon as legal advice.  I am
>  giving it only to make you aware of some issues that you may want to look 
> into.disclaimer/).  You need to be aware of possible discrimination 
> claims.  There is a theory called disparate impact which you may have 
> a problem with.  You should find a way to distribute these 
> announcements as widely as possible.  This is a tricky area and one 
> you should be aware of.  The final decision, of course, is yours.

     I don't really understand this. I plan on spreading the word as far as 
possible, but if I only post information in one or two places, isn't that 
my choice? If I am tryind to hire someone am I required to place adds 
everywhere I can, or can I choose my medium? 

>>  Once the bounty is posted, other people can "bid up" or add to the bounty,
>>  and their contribution will be added to the total bounty as well as their 
>>  accepted by credit card, check, money order, and possibly ecash 
>>  (e-cash will be taken at some point, but it really isn't important
>>  at this point since almost no one uses it.)
> 
> It would be good to accept ecash and maybe contact MarkTwain to see 
> if you can set up discount accounts for your developers.  The people 
> involved in this project would be familiar enough to give the system 
> a boost.  Why do you think the amount people give is not relevant?

     I wasn't refering to the amount, but rather ecash being not-relevant 
AT THIS POINT <runs and hides behind asbestos sheild> Not many people 
have ecash accounts, so it isn't a priority. It would be nice tho'.

     As to the amount: It really doesn't matter, but I am thinking of making
a minium of $5, just because anything less really isn't worth the book keeping,
but I really haven't made up my mind. 


>>   The first developer to upload a _working_ package to the server will 
>>   be cut (or ecash mailed if that works out).   
> Why do you think you need to keep an archived copy?  If you deal with 
> Copyrighted material you MUST get a license up front.  That shouldnt 
> be a problem for you since the developers are benefiting, but I am 
> just curious as to your thought process here.

     Archival copies are for legal reasons. Copyrighted material other than
that uploaded by the authors is not going to be allowed, and part of the 
agreement is that they allow the Server to keep a copy for historical/legal 
reasons. 

>>   The Server Adminstrator will also do an cursory check to make sure that
>>   there are no obvious copyright violations. 
> This needs to be much more than cursory.  If you put a copylefted 
> piece on an open ftp site and it winds up to be copyrighted guess who 
> could get named in the suit.  Not only should you vigorously research 

     I will have the name of the submitter, and I will make a "good 
faith" effort to detect copyrights. I think that is enough. I don't 
(in fact I doubt any one person does) have enough knowlege to know
every peice of software out there. I am more worried about people 
decompiling commercial products. 

>>   In the event that there is a conflict between the initiator and the 
>>   developer, the claim will go into adjudication. The server adminstrators
>>   decesion is final, and he will make every effort to settle the claim
>>   fairly. Adjudication will incur an additional fee (see the fees section).  
> appearance of impropriety is important but more important to you is 
> the need to have someone other than yourself to blame.  You dont want 
> to be held responsible for an "anti-developer" decision if you dont 
> have to.

    I am hoping that reputations will handle this.      
 
> > Writing the bounty: 
>>   The bounty specifications should include the following: 
>>      else will contribute), owned by the programmer (well someone might
>>      be that magnanomous), or "copylefted".
> 
> This will be up to the writer.  It might not be a good idea for the 
> initiator to have input here as it will be a wedge causing more 
> adjudication than it is worth.

    I disagree. The iniator (hence forth known as Alice) is establishing 
the rules, it is up to that person to set forth the conditions. If the 
writer doesn't like it, they don't write it, and Alice looses her money.
If enough people add to the pot, someone will bite, and Alice gets what
Alice wants.  
 
>>   6) Where the initiators money is to go if the bounty is not claimed: 
>>      choice. 
> Why not give it back to the initiator (minus a fee for the 
> opportunity).  While I am sure you have good charities in mind, 
> people on the net dont like being forced to do anything.  Keeping the 
> charity donation as an option is a good idea.

     To keep Alice from reniging once the money is given, it is gone. It 
means that you have the choice of software or nothing.  

> > Adding to the bounty:
> > Fees:
>>   The Organization will get 2% of any bounty where the software or 
>>   Technology that is copylefted. 20% of any other scheme.
> 20% seems steep.  You might want to at least start out with a 
> discount on this percentage.  I like the discount for copylefting.  

     20% is an 18% penalty for not Copylefting the software. It means that
I am going thru a lot of work, and not getting what I want, so I am 
going to get something. I want this server to produce Free Software.

>>   Adjudication will incur an additional fee of 2 to 5% depending on the 
>>   difficulty in judging the claim. 
> This needs to be a certain percentage not a range.  If need be assign 
> it via hourly charges.  It is not easy to get people to stay out of 
> also encourage you to include the amount in all of the bids.  You can 
> spread exposure and lower the rate.

     You are probably right. I really want to charge each equally. 

> > Where I need help at this point: 
>>   Legal issues. Any lawyers want to talk to me about this? 
> Let me know if you have any questions.  None of this is legal 
> advice...blah,blah,blah.

     Fine.   

> Looks like a good start.  Keep me informed.

    Thanks. 

==========================================================================

Omegaman:
>>    The objective is to actually bring this system online. 
> "cypherpunks write code."  good.

     Soemthing like that. 

> > Background:
>>    graphics editing software, easy to use Graphic Design Software (TeX
>>    is NOT easy to use) and easy to use Cryptographic software. 
> many would pay good money for Linux native versions of programs like 
> Wordperfect, Corelpaint & draw, Pagemaker , etc.

     I think "pay for" might be a little strong a word. "Assist" is more 
accurate.  

>>   4) Desired "quality" level: Proof of Concept, Alpha, Beta, Release etc. 
> Needs flesh.  What defines "alpha" or "beta" for purposes of bounty 
> or is that up to the person initiating the bounty?

     If I can find good working defininations (sp?) I will use them. Otherwise
I will insist that Alice document what it wants. 

>>   6) Where the initiators money is to go if the bounty is not claimed: 
>>      honest, as well as the server. Each contributor will also get this 
>>      choice. 
> Do you have the charities in mind?  They should be listed in the 
> abstract, I think.

     March of Dimes, NORML, NRA, ACLU, GNU Foundation, FSF, SPLC.  

     As the time gets closer this will get more exact. 

> Who will be publicize the initial bounty offer -- the server or 
> bounty initiator?  Information about a specific software project will 
> need to be disseminated beyond bounty.org.  

     Automated positing to relevant newsgroups, and maybe a mail list 
for those interested. 

> More details on conflict resolution are needed in a final draft.  The 
> process and priorites the server administator will use to make his 
> specific hypotheticals detailed.

     Ok. 

=======================================================================

Peter Allan:
> Snow,

I know, Spell Check. 

>> Abstract:
> "new technologies" doesn't seem to be what you mean later on.
> I suspect you will get _higher_ overheads with this.   For instance
> suppose 2 people start work on something, and one wins the bounty,
> the other goes unrewarded.   To compensate each coder for this risk

     That is life. First to market means a lot. Look at Lotus.

     I am contemplating adding in a place for developers to meet and 
collaborate, sharing the bounty. 

>>      community of users to decide which projects should have priority, 
>>      and which shouldn't. 
> Hmmm.    What about people ahead of the game - like PRZ.

     He get a VC or two and goes commercial.

>>     award to be paid to the developer. They then post it on the server and 
>>     send their initial "bid" to the organization.  
>    
> Where is the scope for iterative discussion of the spec ?
> This is _the_ killer stage for most work.

     This is Alices responcibility. 

>>     This is the "bounty". Other people can add to this bounty, allowing the 
>>     totals to add until someone claims that bounty by providing proof of 
> What about proof to the satisfaction of other contributors ?
> How do I know Bill and Ben aren't cheating by starting and claiming
> a bounty to which I contribute ?  (Bill and Ben are fictitious in this
> example. <g> )

     Good point. Solututions? 

>>        I will provide a short (8 or 10) list of charities that the money 
>>        honest, as well as the server. Each contributor will also get this 
>>        choice. 
> How does this keep anyone honest ? 

     Keeps them from reniging (sp?) on the bid. 

===========================================================================

Ian:
> Hi, Snow,
>>    I have started drafting a proposal statement for the Bounty server. 
> Wow, you've gotta move fast in this game :))

     If I don't keep the inertia up, I will never get it done. 

> [chop where agreed or not disagreed]
> > Background:
>>    It is the "Copylefted" software that interests me at this point.
> OK, although for my model, I am assuming that all forms are covered.

     As I pointed out in private email, I think our model serves different 
objectives. 

> > The proposal:
>>   What I am going to attempt to do is to set up a "Bounty Server" where 
>>   someone can iniate a "bounty" on a peice of technology. The initator

> Separate this out, for clarity of model.  The initiator (I used
> Proposer, and called her Alice coz Alice always initiates) proposes

     I will do that.  

> BTW, bid to do what?  Using market terminology, I have assumed thay
> bid is to buy, that is provide cash.  Offer is to sell, that is provide
> software.  Ah, yes, bid is add to bounty.

      Think if it as a bet. Kinda like Mr. Bells AP proposal, Alice is 
betting that the software _won't_ get written. Once the bet is high enough,
it _will_ get written. 

>>   This is the "bounty". Other people can add to this bounty, allowing the 
>>   development to the initiator of the bounty. In software terms they would 
>>   and the server operators. Other technology will be figured out as it 
>>   becomes necessary.
> This is where I have put most of my efforts, because I need to design the
> microstructure that is built into our market.

     I am going to try to keep it simple, and let the thing evolve as 
necessary. As Alex (a former reader of this list) put it, the first anonymous
remailer was a perl hack done in an afternoon, and improvements came from that.

     Things will improve as needed, I am just trying to think things out
as thoroughly as possible first. 

>>   Originally I was going to put the stipulation in that the software written
>>   rather simply desired. To aid in that desire, I am going to build in 
>>   an initative to releaseing the software "copylefted".
> Absolutely - let the market decide.  Some of us, for example, do not like
> copyleft.

     What do you have against "copylefted" software? Is it the specific 
GNU copyleft, or the concept? 

> > To get more specific: 
>   [chop]
>>   The first developer to upload a _working_ package to the server will 
>>   be awarded the total bounty, ...
> This worries me.  If I, as a junior programmer, am looking to enter the
> market, I will have the daunting task of beating everyone else.  Real life
> doesn't work that way - there are ways in which I can pick up some newbie
> tasks for low money, so as to build up experience and/or reputation.

     1) As a junior programmer, you take on simpler bounties first.
     
     2) Team up with a more advanced programmer, pool efforts and split 
        the bounty. 

     
> I guess the notion of bounty is just that - first one takes all.
> However, I think that the solution might be a bit limited in the
> long run.

     It isn't intended to solve all problems, just some. 

> Interesting in that my proposal leads to task distribution by awarding
> contracts, your proposal leads to task incentives by rewarding speed.

    Yours seems suited for longer and more involved tasks. Mine to shorter.

>>   "First" will be soley determined by the time stamp of the server. As soon
>>   as the package is uploaded, the initiator and the server adminstrator 
>>   will be notifed, and the bounty marked "claimed". If the package is 
>>   be cut (or ecash mailed if that works out).   
> OK, my proposals specifically assume no need for a "decision" by Alice.
> That's not to say either is right, it's just that I prefer to design
> something that eliminates the individual decision rather than cope
> with the complexities.  I believe it will result, in the end, in a
> more efficient market.

    It might be more efficient to have a "paid" staff to evaluate the 
product to make sure it meets the specs. I don't have the funds to 
set up that infrastructure. 

>>   The Server Adminstrator will also do an cursory check to make sure that
>>   fairly. Adjudication will incur an additional fee (see the fees section). 
> Same as above, no adjudication in my system.
> Although, it is possible to add underwriters,
> by simply making the task offerers (Bob and Carol)
> into bond writers who front for programmers.

     I am hoping that it doesn't come up too much. Honesty and reputation
should help. 

> > Status:
>>   At this point in time I am (obviously) still in the process of developing 
>>   the procedures. I have registered a Domain Name (bounty.org) and I have 
>>   a couple promises off assistance in certain areas. As well, I have 
>>   a server to start off with.  
> Wow, *gotta* move fast.  As I say, our stuff is based on a lot of
> pre-existing software, so we make a lot of assumptions.  Given our

    You are starting with the software, and then figuring out the rest. 
I am doing it the other way. 

> different approaches we may end up with competing systems rather
> than one, but that's fine, indeed highly valuable as an experimental
> approach.

     I don't think that the two proposals will necessarily compete. 

> What's financing you in this?  Or should I say, monetarily enthusing?

     Financing?

========================================================================


Blake:

> I missed the original discussion of this idea, but it sounds delightful to me.
> A couple of thoughts on your most recent post:
> What counts as a  copyleft should be explicitly defined, i.e. just the GPL,
> or how about Perl's artistic license... or Aladdin's GhostScript agreement?

     Ok. I will put up examples of each, and let Alice choose. 

> Public domain software should incur no larger percentage fee than copylefted
> works.

     True. 

> How is the expiration for a bounty determined?

     I am thinking either 2 years after initial, or 12 months after last 
contribution, With a 1 year one time extension if someone claims to be "working
on it". 
 
> Adjudication fees should be split in some fashion between parties.  (Otherwise
> the initiator has nothing to lose from disputing.  (Unless of course you'd
> like to
> handle that on a reputation basis.))

     I am hoping that reputation and the threat of adjudication will prevent 
it from happening. 

     That is one area that does need work tho'. 
==========================================================================

Jim Cook:

>    be awarded the total bounty, minus "brokerage" fees (discussed later)
>    "First" will be soley determined by the time stamp of the server.

<SNIP>
I don't like this way of picking a winner ... because I think it would
encourage fast and dirty work ... instead of quality ... better I think
would be a process analogous to peer review for grants and publications ...
with the added feature that the submission of a product is announced ... so
that competitors who are almost done can get their entry in also ... and the
initiators can evaluate several products simultaneously
<SNIP>

My reply:

     In a way it _does_ encourage quick and dirty work, like the first 
cpunks remailer, hacked together in an afternoon, then came the rest. 
     It is a way to get _more_ software out there, hopefully some of it 
will be good, some bad. It really can't be much worse than the dreck comming 
out of some of the commercial houses.  
 
     I am thinking of a way of implementing checks tho'.

=====================================================================

Thanks for the comments. Keep them coming. The original draft will 
be up at <http://www.bounty.com/proposal.draft.html> later tonight.









More information about the cypherpunks-legacy mailing list