[P2P Exchange - Escrow platform] XMRMatters is officially open.

edit: odd, review got deleted somehow so just posted this post on the thread but now the review back, idk wtf lol

@SpinningCat

This has no impact on the ideology behind XMRMatters.
Maybe one day you'll come back and use it, only time will tell.

I have absolutely nothing against your freedom of opinion and expression.
In fact, that is exactly what XMRMatters stands for, as long as you're fair and your points specify potential issues or weaknesses that might be covered through other approaches.

Since the server and network are dedicated specifically to XMRMatters
It is DEX in the sense that XMRMatters has zero partnerships with corporate or controlled entities.
Every user uses the wallet provided directly by XMRMatters without external corporate oversight, though we still explicitly remind people across the wallet and market interfaces to withdraw their XMR to a private wallet provided by getmonero.org.

That said, this kind of platform requires a massive amount of time.
I've been building it for two consecutive years. It’s not AI slop. It is currently closed-source, but we will open-source it in time. There are things I personally want to polish first, and to be fair, I want to get some traction before it gets copied and people end up getting catfished with the blame falling on me.

It’s not AI slop.

"corporate slop" doesnt necesarily mean "AI slop"
those are different things
centralized services are "corporate slop" that dont care about their users but are out here just for themselves

but there is also different meanings to corporate slops, it's a term that cover alot of what's wrong with alot of things including in the cryptospace as well

and also the "no ip logs" things while data even more sensitive there are actually at risk, that would fall into "corporate slop speak"

It is currently closed-source, but we will open-source it in time.

well that's new, like, literally first time you mentioning that, which even in your previous threads you havent
so i guess... soon-tm (meaning probably never?)
but even if you do, we went through that already, so similar as that thread over there:
https://redlib.catsarch.com/r/Monero/comments/1ty3cvf/new_whale_on_btcxmr_atomic_swap/

so even in the case of opensourcing, it wouldnt necesarily mean getting more trust for you there, as you can still serve any code and collect those data about literal physical locations, bank accounts, first name / last names and so on

like, you can literally build all the trust that you want, have the service running for like few years or whatever, i still not gonna trust this service, ever

like, that case with gabriela gonzalez and her dad that was trying to hire a 'hitman' or somethin (dumb shit, the 'hitman' was ofc an fbi agent), but then, the fbi went to notify the ex they were putting a hit on, like, they had ALL of the data already, they still kept wiretapping her and her dad for like 5 whole years or somethin
so, similarly, you could run your service for like 5 whole years, just collecting the data, not doing nothing but just plotting or somethin

that's just a design flaw right there and sharing a source code that might or might not be the one that you running is not gonna solve that design flaw
it's not decentralized, it's not an app that people can build the source code from, it's literally just you running whatever code on your own computer that you then serving to the gullible people that would use a centralized service

so yeah, imo this is just harmful to the space and desensitizing people to using centralized services that they cant audit
so on that alone, it's doing more harm to the space than anything

Thoughts so far:

Having an option for contact via SimpleX would be nice. You could also consider sending notifications via simpleX (as an example, xmrbazaar has support for notifications + password reset + 2fa via Signal, Session, and SimpleX)

Having a platform wallet that isn't in my control is scary. I think I would rather have a per trade deposit held (percentage of trade amount) by both parties (give trader option to not require deposit) versus use the platform wallet and have to request withdrawals.

Plus, a group chat for users on any of those (I prefer simpleX) can be cool (although I admit, potentially an opsec risk long term)

I understand why some might not like you using the term 'Decentralized' from the start, since in my mind, something that is decentralized is something spread out, not controlled by one group or person. However some might argue that other popular services like haveno/reto aren't exactly decentralized since they can stop trading at any moment. My perfect decentralized platform would be 'node like' or 'peer to peer' in nature, just like the tor network, something people keep running together and can't be taken down by taking down one 'node'.
I look forward to more people joining the platform, so that your time and effort are rewarded, and one day you can make the platform FOSS

@avarice
Wow, thank you for such a constructive and respectful review.
It’s incredibly refreshing to have a dialogue like this.

I hear you loud and clear on the platform wallet.
The fear of losing control of funds is entirely valid.
Your idea of a per-trade deposit system instead of a persistent platform wallet is a fantastic alternative that aligns much better with privacy and security expectations. I’m going to look into how I can implement something like this.

The SimpleX integration for notifications and 2FA is a top-tier suggestion.
SimpleX is phenomenal for privacy, and we are definitely going to add it as an option to the platform.
A community group chat on there is a cool idea too, as long as we manage the opsec risks (Later on)

You also hit the nail on the head regarding the "decentralized" definition.
While I meant "free from corporate centralization," I completely agree that a true peer-to-peer, node-like structure is the ultimate goal for unstoppable tech.

Thank you again for your support and for wishing the platform success.
It’s insights like yours that will help guide XMRMatters toward a successful FOSS release!

@avarice
right, to be fair, there is also alot of design flaws with haveno
and indeed it's not actually "decentralized" in that sense, reto is 1 network that can be shutdown, other networks can be started if it does tho, and at least, you know that the source code you running is actually the source code that you built, that would be the main difference in design with services like these
that's a massive difference tho

and thank you for trying it out and giving actual feedback, am literally not even gonna bother
imo this is just wasted dev resources on tech designs that should be considered obsolete already :/

@avarice quick question for you as a community member.

Wwhat are your thoughts on a native chat function within the platform itself?
Something like a toggle window tucked into the corner.
Do you think users would like that?

@xmrmatters
for similar services they would still need to use their own PGP encryption on top of it instead of trusting whatever code you're serving for that

@SpinningCat and that evolution is exactly why constructive feedback is so valuable.
I want this to become a trusted, community-contributed project once we gain some traction.
I want users to see their own ideas reflected in the platform, so if you ever see something that can be improved, please suggest it.

Thus, so far I got some ideas already, nothing mayor but
It takes time, but we’ll get there.

@xmrmatters
First, just tell me one thing. Are you using an LLM in any way to write or edit your posts?

For context: I greatly dislike the sycophantic nature of llm replies, I would rather read 100 spinning cat posts than one llm generated or edited post. (No offense spinning cat )
Yeah grammar and spelling are nice, but I'd rather feel like a human is on the other side of the screen.
Second:
A native chat brings convenience at the risk of weak opsec.

Someone could sit and record the chat 24/7, bypassing regular wiping to prevent logging...
People will inevitably forget to stay alert, and say something revealing.
(These are the same risks that a group chat brings though, but at least you personally don't have to worry about how to secure simplex versus securing a native chat)
-- then again, xmrbazaar has a native chat, people say absolutely bonkers stuff in there. All a matter of the risks you want to take on

A native chat between traders would be beneficial, as long as it's properly secured. Since you already have a system of letting people upload pgp keys, the framework for a native PGP secured trade chat seems feasible ?

However encrypted chats can be tricky when it comes to disputes. I'll leave it at that.