remove Cake wallet #2013
remove Cake wallet #2013
Conversation
This is a principled removal, on the grounds that the Cake wallet people are squatting the monero.com domain to push a version of Cake wallet they call the "monero.com" wallet. When called out, representatives of Cake wallet claimed that is is not squatting, despite the fact $project.com is the most canonical domain name possible for a project, and that they are trustworthy, therefore it's fine for them to have that domain (they're a company, the bottom line is what counts, and even if the current owners do believe this, any buyers would turn against us without a second thought). Moreover, they had the audacity to claim I did not complain early enough, as if I was suposed to be keeping track of who owned monero themed domains. Last, they claim that they do mention on the website that it is not the official monero domain. While true, close to nobody reads the web page footer, and they know it full well. The intent seems glaringly obvious: to dishonestly cause visitors to get their software by making it seem, at least for those people who do not look really hard, that they are the monero project. Being a company which considers its bottom line, not earning the money they expected to get from this unethical move is likely the only thing that will get them to reconsider any further similar moves, and their wallet being removed from the monero site will help with this. AFAIK the previous owner of monero.com was some building company, and their registration predated our project, so there was no possible confusion on the part of visitors. Having worked for the Monero project for YEARS of my life, I feel pretty aggrieved by this dishonesty, and thus I am registering my protest by this patch, which I acknowledge has little change of being merged, since practicalities will likely outweigh ethics. However, I tend to weigh ethics more than practicalities, hence my work on monero for all these years since pretty much its inception.
✅ Deploy Preview for barolo-time-757cf9 ready!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site settings. |
|
I hope monero.com will make it clear to all visitors that they are not the official website, adding a link in the footer and a link in one of the FAQ answers isn't enough. Such a website change should be simple and if done I would be against a removal from the website. Not only are they one of the only iOS wallets, they have also contributed to monero in different ways over past years, which I appreciate. If monero.com insists on keeping the website as is I would reevaluate my opinion. The second problem is that the current website appears as a neutral website that simply "recommends" the monero.com wallet. This should also be improved. For example https://cakewallet.com makes it clear that this is a wallet website, monero.com should ideally be similar. Then there are no concerns about impersonating the official website. |
|
I would grudgingly agree with them keeping squatting if there's something obvious enough on the site that someone coming in thinking it's "the monero site" gets disabused of the notion right away. |
|
For context, Cake is asking to add monero.com to the "Download" section of getmonero.org: #2007. The proposal is being discussed. It's hard to not think that monero.com is trying to impersonate getmonero.org. The wordings and placements on the website clearly try to give the impression it's a neutral resource about Monero. This feeling is strengthened by the non-transparent behaviour of Cake, that has initially announced monero.com as a "monero-only wallet", but recently (during the controversy in #2007) it was described differently: a resource to "promote the commercial nature of monero". This switch, beside being unethical (should have made clear before and displaying only your own products and the products of partners is promoting your own commercial nature, not Monero's), changes things quite drastically, because it rises the already high chances of monero.com being confused for getmonero.org. Coingecko already mistook monero.com for an official Monero website and listed it as such on their very frequented website, so we already know there are precedents of people/entities making confusion, if that's what happened. I also want to point out that if monero.com uses any code of the Monero project, they might be in violation of Monero's BSD-3 license, which at point 3 states:
Cake should do the right thing and at least make very clear at the top of monero.com that the website is not the official website of the monero project, but a resource owned by a third party company. I see why this PR can be seen as extreme and i hope Cake will take the hint and make the changes proposed, otherwise it's hard for me to be against merging this PR, as i see mooo's concerns. |
I took a week before I did this because I thought it was extreme too, given Cake wallet itself seems totally fine (minus the call home that was mentioned). However, given the attempts at justification that really pissed me off massively, and the following reasoning, I think it is warranted. My reasoning is:
Now, I doubt this will make up for the income they'll derive from their squatting, but it's a start. More pressure points being identified would be nice. |
|
fully support - since cake has obviously tried to use the domain to slyly trick users into thinking its "official", the monero project should take an active stance in disassociating itself from "monero.com" and making it clear to users that it is owned by a company that gathers data and make profit off of users of their app |
|
In a perfect world, the purchasers of Monero.com would have donated the domain to the Monero project, instead of using the domain to push their for-profit products. Unfortunately that didn't happen. Instead, the domain (and the reputation implied through that domain) is being used to brand a wallet (as opposed to the project in its entirety). There are for profit services include in the wallet. That's how I see it. If I am incorrect, please feel free to correct me. |
|
This is probably the moment where we all decided the cake wallet is over the limit and should be not just restricted on official getmonero.org website but rather everywhere where this official project have any control, hoping its not too late. I am pretty sure coingecko hadn't listed monero.com on its own rather it was contacted by someone from cakewallet (We all know who is it) using getmonero.org email or similar credentials to list that domain as official on their website. Abuses coming from cakewallet had started way before from this. CCS funding is in large part manipulated to finance exclusively cakewallet projects. We were basically feeding this beast all this time. Problematic projects include Monerotopia guy which is actually cool guy but always promotes only cakewallet and the other squated domain wallet, he never ever said anyone to install Monerujo or feather wallet, narrative is that other wallets are there but not good enough. He receives around 10k usd per month from community while monerotalk is basically cakewallet shitshow, they interrupt, they tell everyone what to do and do whatever they want without any over-sight or metrics presented to community. Another problematic CCS funded project is Monero Observer who very selectively pick their narrative and report about only things that work for cakewallet. if you spend a bit more time you will understand it. Also project never went open-source not allowing others to compete on fair terms. It is not a question about quality of these projects but the main beneficiary which is more cakewallet than monero community which is always a step into wrong direction and harms monero eco-system in long term. Magic monero thing obviously attempt to remove community from the project to their own KYC narrative and wishes. Not sure at this point who is owner of Twitter and telegram monero project account however they are both biassed towards cakewallet. Since recently its obvious sethforprivacy is controlling twitter since every second post is about Viksharma and even worse Justin interview about monero with "monero.com" picture. So basically twitter is fully under control. Telegram seems controlled by person named needmoney90 and absolutely its impossible to say anything that doesn't fit the narrative "cakewallet is the best" which makes it highly censored, which is totally against monero nature. As you might notice previous and current pull request never reach the general population because of the shill army. There is and also obvious supression of second-opinion anywhere where it matters and not under control of the cakewallet team. That's how group https://t.me/MoneroExchangeRun became apply only and MoneroKon 2022 group terminated. Someone will say put "Tin foil hats" now but sadly reddit votes and posts are highly manipulated, telegram also very much. There is an obvious shill pattern in every "which wallet is better but I use IOS" post. Thing that most bothered me were the attacks to the Haveno developers using shill army, even to send them treats creating hate in the Monero community which never ever existed before. If I receive approval will include exactly who is and how connected to cakewallet from monero contributors so that my post doesn't turn into personal attack against someone. It would be all most probably forgiven if cakewallet was not least privacy oriented monero wallet pinging home and removing all community nodes from the wallet making it highly centralized and not private at all for average user. Everything in the wallet is high KYC and holds really unexplained privacy risks involved. I am not going to mention how under suspicious terms people lost a lot of money due to usage of 12 words seed which some of them were not recovered until today (12 words seeds actually work even today and not broken) Cakewallet and "monero.com" holds same codebase and same size, difference in code is nothing but few ifs which renders the design different and do not display other currencies. "Community" asked for it its their very own sethforprivacy writting on the twitter for that wallet after zcash thing, so there is nothing community here that's all business. This is sadly not one time mistake by long time planned effort by people not respecting this coin and this community. If I would know better these people are preparing a fork or something similar. getmonero.org is last standing neutral ground which is why I needed to pass this message along. P.S. Did they donated money? Probably yes to places where they needed to control. But I also have to say privacy doesn't have its price and one entity should not have this much control over the community. Even if they are just greedy and not malicious or state-sponsored. |
This shouldn't be too difficult to figure out, as far as I know fluffy is in contact with someone from coingecko.
Nonsense. Almost everything gets merged and funded with the CCS, and if you mean Justin running the community meetings he stepped down from this position years ago. @plowsof did it for a while and he definitely isn't influenced by Cake wallet.
He never requested a single payout from his CCS to this day, so saying he receives 10k / month from the community is inaccurate.
I disagree, just read their story about this pull request.
Everyone can add their own node and saying using Cake is "not private at all" is disingenuous. You don't lose all privacy suddenly when the app queries the fiat price, especially when you can also use a VPN on your phone. I don't follow Cake development, but I hope someone opened an issue about it here: https://github.com/cake-tech/cake_wallet/issues I hope we can go back to the monero.com website discussion now, as this got a bit off topic. |
|
Fully support. |
Hi Moneromooo, Thanks for the post and voicing your concerns. Firstly, we are not “squatting” on the site and frankly that's an unfair statement. I bought it fair and square from the open market just like you or anyone else could’ve done. It was sitting for sale on godaddy for many years. We do not claim or pretend to be the official site. We made it as a commercial site for Monero in general and for various products. Having said that, I am open to selling the domain monero.com to the Monero core team at cost (no profit/no loss to me), under the condition it be used only to redirect to the official site which is basically what you want. If core doesn't buy it, then I may consider listing it in the open market and then anyone, maybe you or other community members, can buy it. Until then to address your and others' concern, we are adding a large banner at the top which further makes it clear that it is not the official community site with a link to redirect to the official site. I would like your input and review on that when its live. Regarding removal of Cake Wallet due to the above doesn’t make sense to me as its a different unrelated issue. If we are going to stop listing open source Monero wallets on the official site, it would be very counter productive for increasing Monero adoption. This is not about Cake or monero.com wallets. I will fight for ANY open source Monero wallet to get listed on the official site. The more the merrier. As you know we used to do events co-hosted with MyMonero, which I hope to do again. I personally donated to Monerujo. People need options. We believe that with the clear banner and the offer to sell at cost to core, we've addressed your most important concerns. As always, I'm available for discussions and ideas. Vik |
This shows Vik's good faith and I think that it would be a very good move for this purchase to be done and the funds to come out of the General Fund as soon as possible. |
|
There is no way the general fund has 300k-400k to buy a domain name. That's like half the general fund. |
|
@CakeWallet Can you confirm that the monero.com domain sold for $316,250 USD? |
|
The total cost that Cake paid including fees is around $400,000. |
plus 20% for Godaddy's brokerage fees. I can check exact amount, but yes close to $400k. |
|
In case anybody was wondering - this is how monero.com appears in search results.
|
And banner on top coming up shortly. Just waiting on devs to push it to live. EDIT: Its live now. |
|
Now live at the top of monero.com:
|
Can the core team/project pay in installments over a medium (10-15 year) term? |
FYI: it does not appear on mobile |
|
Some thoughts:
|
Where are you getting this info? According to https://trademark.trademarkia.com/monero-86339137.html @fluffypony used to have the trademark, but abandoned it. |
There was a problem hiding this comment.
@ChristopherKing42 no idea why @CakeWallet has upvoted your comment, since they know very well (since they had a 1-to-1 discussion with fluffypony after he clarified the legal status of the monero trademarkin the public chat in #monero-site), i guess it's one more attempt to throw smoke in people's eyes.
Monero is trademarked and cake recently realized that. Personally, i would be ok with them owning monero.com when they will make changes to the website to turn it back into a wallet, as it was presented to the community, and not "a place to promote the commercial nature of Monero" as it's being recently marketed. Of course, no ambiguous wording should be present and that's not the case at the moment.
|
I'm not privy to the conversation between flufflypony and Cakewallet about Monero being trademarked. While I'm sure that it was for good intentions, I have very high doubts that fluffypony would be able to fruitfully defend that trademark in a court of law. Come on, fluffypony's Monero Distribution Corporation was registered in Delaware in 2021 (do Delaware Corporations unfairly get a bum rap). |
@erciccione - this isn't quite accurate, based on my understanding. There is US application pending to trademark the word Monero in the context of "communication systems", and this is made by "Monero Distribution Corp" a Delaware registered entity that one or more of the Core team own. See: https://trademark.trademarkia.com/monero-97195058.html & https://tmsearch.uspto.gov/bin/gate.exe?f=doc&state=4807:dw30vw.4.1 Afaik intention behind the trademark application is to defend the use of the word. I suppose an alternate scenario would be a bad actor getting hold of the trademark and then causing headaches for projects in the ecosystem who want to use the word. |
You are absolutely right. This guy has no idea what he is talking about and I'm seriously getting tired of his assumptions he's making on our intentions and now downright lies on what fluffy and I talked about. Btw, It was about the fucking banner vs splash page redirecting people to getmonero and you can verify with fluffy. We never even discussed the trademark. In fact, I have never discussed that with anyone. Also, my suggestion to sell to core team also had nothing to do with patent. I didn't even know about it when I offered to sell. That guy above is really showing who he is and how he operates more than anything in this whole ordeal. |
To say we are spying on users is disingenuous and you know it. I don't take that comment lightly. It was an oversight and a modification will is already being worked on. |
What do you mean silently added? We are adding features all the time. Again you are making this look all nefarious when it isn't. |
No data is sent. Although Ofrnxmr's concern about ANY "connection" is valid, but its a bit overly dramatic. |
Your aggressiveness doesn't make sense either. Cake wallet can be better yes however this is what we got. |
Are we doing github or are you going to call? |
you posted so I had to post to clarify. Have a good day. |
Thanks.. It was an oversight and a new build was already being worked on when he informed us of this. |
|
Thats false. i informed on day 0. dont twist the story. Unlike fiat api, i am not not waiting 6 months again. and unlike fiat api, this feature isnt even a tool. Its a call home. |
its either lazy or malicious. The opt-out pr being commited after discussions tells me the latter.
dont. I said it like that on purpose. I didnt meant to to come across lightly.
was an oversight. The opt-out pr was not an oversight, it was cakes "fix" aka non-fix |
I agree. @nahuhh please knock off the aggression, it helps no one. |
Wen does march end..? You too luigi |
This whole thing about opt-out wasn't definitive. I was actively thinking of a good way to make between opt-out and opt-in, and settled on this: If the user already has Fiat API enabled, bulletin will be also (since they are separate connections but connect to same server). Other idea was a popup after update asking if the user wants the feature, but the first way makes perfect sense and is totally reasonable, and protects existing user decisions. This change will come in the next update, doesn't matter if you were on a version before 4.15.0 or one after it will apply to everyone. |
|
i wonder where ive read that solution before |
|
cake-tech/cake_wallet#1347 (comment) Oh yeah
If im not using your node or fiat api, i dont need a fkn service.cakewallet.com connection
Opt in
very different. Fiar api is a tool (but without historical pricing, not a very good one).
i have exchanges disabled. Fiat either disabled or tor only. Markets disabled. Even cakepay wouldnt make any connections unless you used a service. Why is cake literally calling home to tell users info they dont care about? this is totally wrong, tux. User has tor fiat apt + local node? Why is this checking over clearnet? And why is it checking cakes node status? user has fiat disabled + local node + exchanges over clearnet.
no, the oversight was being lazy and adding a call home instead of a local, non centralized check
First party, third party, whatever. Those are both external services. This feature isnt a service, its a tracker of services, and again again again, it can be done PROPERLY, internally, where jt works for all nodes, and smartly for cake services. also, is this garbage in the privacy policy?
Thats what i said about why monero.com is still not listed on getmonero. Fiat api was clearnet, and couldnt be disabled. have node issues? Did feather add some bs call home to tobby feature? No. He added more community nodes and has feather use them in a smart manner.
|
|
This wasn't explicitly your idea. I had already thought about this outside of your suggestions. (And plus you didn't specifically suggest the way I have decided to implement the patch). At the end of the day it doesn't matter who came up with it, it's being implemented, and I don't care to argue semantics. |
|
Idc who came up with it i care that it was
No need for mental gymnastics |
I never defended it being forced or only opt out. I simply defended the feature itself. Stop lying. |
Youve said it was an oversight 500x. Who's lying? it was implemented without ANY privacy preserving measures. And you claimed that implementation to be an oversight, before later adding an opt-out toggle, still without any privacy you wrote the pr, didnt you? |
|
The way you originally phrased your comment makes it sound like I defended it being forced or opt out as a feature, which is untrue, and what I responded to. then you edited your comment, which is still not completely true, and and then you continue arguing as if you didn't change anything. I will not continue this discussion as it is not in good faith. |
|
Youre talking bout semantics, lol. My original comment (quoted in your reply) and my updated comment (that says the same shit + more words for the uninformed) are the same thing. It was added as forced. I saw right away and asked cake to stop dicking around. You claimed it was an oversight, then (on your own) opened a pr to make it opt out. whatever. |
|
After 82 comments on a PR each participant will be presented with 5 random pull requests to review. Thats the last thing we all want so lets please avoid that! |
|
ofrnxmr. you are embarrassing yourself. Please, stop being this harassment and focus on explaining your argument. All people will see from this discussion is that you refuse to listen other people opinion and only want to impose yours. |
Too late.
you need not listen, and im off this thread.
|
|
I saw the issue and i pointed it out to cake, and nobody else. last time this happened, it took 6 months and an attempt to put monero.com on getmonero.org. this time, id be embarrassing myself by recommending apps that i cant recommend. cake was super complacent when i explained that elitewallet was using old cake code that made clearnet connections. cant have it your way and only your way. i PROMISE i wont say a fucking word next time. |
|
For the record, I agree with your concerns @nahuhh and I appreciate your criticism, feedback, and suggestions, but I don't appreciate how very quickly you've gone from being constructive to vindictive and unhelpful, and making it hard to communicate with you. And also misleading people online falsely calling Cake spyware. And also harassing our devs in a PR demanding and threatening us to remove a feature |
I'm not on your team, and were not friends. heres what happened. As the days went by, many users started reporting the github release as being malicious. at the same time, cake was running with spend keys unlocked in memory for their custom implementation of background sync. for months and months, cake allowed this terrible ux amd i had to explain to users repeatedly to turn off the feature, as its intentionally unsafe due tp spend keys being left unlocked while your device is locked. during an update, cake added this npnsense service status, and still didnt remove background sync. gets annoying real fast. Aint nobody got time to deal with this bs for another 24hrs, nevermind days or, like fiat api, months. im done talking about it. |
|
And even if cake isnt keeping logs, youre giving my service provider TMI |
|
"And also misleading people online falsely calling Cake spyware." Half fact: ive mislead nobody,
maybe you could argue that this was privacy preserving, instead of adding a privacy leak to an otherwise private app. edit. It might seem quick to you, but bad solution piled on top of bad solution lead to this. Sgp was still around when broken background sync started adding traffic to cakes node. i dont fault you for trying, not for the timeframe. just so happens i updated a wallet today, and was left very disapponted. current users who i know use this shit.. i owe them an apology. I ahould have told them tl uninstall until further notice on day 0.. that's what it means to be honest. |
This is a principled removal, on the grounds that the Cake wallet people
are squatting the monero.com domain to push a version of Cake wallet
they call the "monero.com" wallet.
When called out, representatives of Cake wallet claimed that is is not
squatting, despite the fact $project.com is the most canonical domain
name possible for a project, and that they are trustworthy, therefore
it's fine for them to have that domain (they're a company, the bottom
line is what counts, and even if the current owners do believe this,
any buyers would turn against us without a second thought). Moreover,
they had the audacity to claim I did not complain early enough, as if
I was suposed to be keeping track of who owned monero themed domains.
Last, they claim that they do mention on the website that it is not
the official monero domain. While true, close to nobody reads the web
page footer, and they know it full well.
The intent seems glaringly obvious: to dishonestly cause visitors to
get their software by making it seem, at least for those people who
do not look really hard, that they are the monero project.
Being a company which considers its bottom line, not earning the money
they expected to get from this unethical move is likely the only thing
that will get them to reconsider any further similar moves, and their
wallet being removed from the monero site will help with this.
AFAIK the previous owner of monero.com was some building company, and
their registration predated our project, so there was no possible
confusion on the part of visitors.
Having worked for the Monero project for YEARS of my life, I feel pretty
aggrieved by this dishonesty, and thus I am registering my protest
by this patch, which I acknowledge has little change of being merged,
since practicalities will likely outweigh ethics. However, I tend to
weigh ethics more than practicalities, hence my work on monero for
all these years since pretty much its inception.