Do we really need kyc though


Hey there, been following blockstack for aaages (2 years), love the whole idea and how it evolved over time. Looking forward to contribute myself and try to come up with something useful once in a while ^^

Just read the token whitepaper, looks great! I’m all in favor on how it’s planned to go down and about releasing a layer2 token in general. Happy to see you working on governance stuff and things like web-of-trust. Combined with incentives for all parties I have no doubt that it will drive lots of people and business to the ecosystem.

What I didn’t get from the white paper are details on how the kyc is done exactly. Are there already discussions or additional info out there somebody can point me to? I’m wondering if Blockstack PBC/Token LLC will conduct the checks themselves or if they’re done by 3rd party service providers.

Next question would be why not just use twitter verification… they already have a nicely diversified user base and their requirements to get the “blue tag” are very high. Too high for average users to prove they’re human, but would still make a great initial-trusted-set for the WoT, while freeing blockstack resources/liabilities and let twitter handle all the kyc.

Also maybe add the twitter-login to, so the average twitter user can sign up in 2 clicks, even if he would be too lazy to sign up otherwise.

If there’s a shortage on people signing up for the genesis block, maybe let every verified user elect 3 friends or add fb and github verifieds.

so if we have a little initial gate-keeping why not through the company that has been around for a decade, has an existent and valuable public available kyc-identifier, and being probably the most used/trusted social media platform around. I mean even the president of the united states uses it so what could possibly go wrong


The KYC etc details for the user sale will come out later when people are making payments. We need to comply with all relevant law there.

For the voucher registration it’s just social proofs (similar to what we had at earlier).


Hi there - I’m finding it hard to get my linkedin account verified. I followed the instructions to the letter but it just says ‘unverified’. Do I need to wait or have I registered it wrong? The URL seems fine


@baggins There is a known issue with the linkedin verification. Can you try another service?


I don’t use any other social media unfortunately


@baggins Hacker News accounts are very easy to create and require almost no personal info:

That might be your best bet


Ha - that doesn’t work either - says Unverified too. There must be an eaiser way


@baggins Have you tried to hard refresh your browser?


Yes, tried that . Logged out and in again too. Strange …


Glad I’m not the only one who thinks what originally sounded like a good project seems more like an elaborate scam to harvest social media profiles. I mainly have social media profiles to prevent anyone else using my preferred identifier. Why the hell would I want to to publicly tie them to a publicly announced blockstack address? That’s the very opposite of privacy.


It’s a way of giving other people an indication that all of the accounts you verify are under common control.

I like to publicly verify my social media accounts because it gives my audience confidence that larrysalibra on twitter is the same person as larrysalibra on github and not someone trying to impersonate me. At the same time, I value my privacy. I may or may not have other accounts I choose not to publicly verify. I can choose not to verify them and use Blockstack just the same.


Long story short, You can create “another account” for Twitter, Facebook, etc.


me too
i do not know what is the reason


Sure you can create dummy accounts, but that kind of defeats the purpose of KYC. And the fact that (publicly posting Blockstack messages on) those dummy accounts are sufficient for Blockstack to claim to know their customers shows what a worthless exercise this particular form of KYC is.

I expect they chose it because it’s easy to verify computationally (without actually verifying identity) and apparently sufficient to satisfy whatever regulatory hoops they feel they need to comply with.