At least 2 separate Haveno networks have launched as of today. One is called Reto and the other is called HardenedSteel. Those are the only ones I’m aware of right now, and things are happening pretty fast.
The haveno software was designed with the assumption that only a single network would be operated. People could fork it and run their own networks, but they wouldn’t interact directly at all. But it looks to me as of this moment this is not how it is going to play out.
The client has the network info hard coded. So to use more than one, you need two copies of the client. This means that for most people they have to pick one. And, users might not understand this, just google “haveno” and pull the first git repo they see. This has significant, fast moving and quickly ossifying network effects with big repercussions.
We need to be very vigilant right now, as we are about to witness the very swift rise of a major power broker in our community. We don’t want to start using a Haveno network run by scammers or authoritarians. Each network is it’s arbitrators, and soon, the merchants on each one.
I think it’s probably a good idea to figure out a way to connect to multiple networks, and to show listings with details about which network/arbitrator set a user is trusting when taking up a listing.
I’m cautiously optimistic, Monero has gotten rid of powerful people without a hitch before. But it is a bigger community now and that will be much harder to do. If we are vigilant during this time and we get through this successfully I think we become unbeatable, but the road directly ahead of us is treacherous, the next few days are going to move very fast.
Everybody reading this message should also read this, since it gives the details: https://github.com/haveno-dex/haveno/blob/master/docs/deployment-guide.md#register-keypairs-with-privileges
There are no servers in Haveno. Instead, there is a “developer (public) key” hardwired into the client. Instead of the owner of the localmonero.co domain (and TLS certificate, and onion url key), there is the “developer public key”. The developer public key you have in your client basically decides “whose Haveno” you want to use. This is a good thing! I always worried about the localmonero.co domain being seized by a simple letter being sent to their registrar. With the developer key system this can’t happen. The thugs have to actually go hunt down whoever has this key. The key isn’t even kept online (like a TLS key or an onion key).
Whoever has the developer key decides who the arbitrators are. Just like localmonero – whoever owned the domain name got to decide who the arbitrators were.
I think OP’s posting is kind of an unnecessarily-scary way of saying that the client ought to ask the user to type in this key (or several of them!) at installation time, instead of being compiled in. That is a great idea.
I wouldn’t say it’s unnecessarily scary. I’m just concerned that the first, biggest haveno net winds up bring run by people motivated by nefarious reasons. Trying to track people, or colluding with makers to scam users or something like that. I don’t think that the reto guys are doing this, for the record. I just think it’s important for us to understand how much trust we place in a group when we choose their network in our haveno software, and how quickly we can wind up in a situation where we are stuck with someone we don’t particularly like controlling the primary fiat to XMR route.