I have been fairly vocal on my personal Twitter account about how speculation in cryptocurrency markets is getting out of hand.
I wrote a post in August entitled Why/How I built EthTools.com. The short version is that in 2015 I stumbled upon Ethereum. It sounded technologically promising and there was a small but tight community of interested parties discussing and working on ways of using it.
Fast forward to today. We all know what happened. The price rose, and as a result the makeup of the community changed.
Now, I am not in any way surprised that the idea of large financial gains attracts people to something but I am surprised the extent to which things changed. The worst thing in my view is how a number of early adopters who I respected have 'dropped the act' and now schill Ethereum for the purposes of making more money. They don't build anything on the platform, they just schill.
Other community members who were building interesting products have seemingly disappeared. Where is Piper?
The newcomers who have joined the community based on the promise of financial gain are at least honest and up front about their intentions.
Security
In November 2016 I wrote about Ethereum security. This was an insanely popular post. I have also answered numerous questions on Stack Exchange and over on the EthTools.com community.
Many newcomers know little about being secure whilst working with the Ethereum blockchain. When I first got interested.. nor did I.
Needless to say security is extremely important. No-one wants to lose money.
EthTools.com
I run my own company: Double Negative. We build web applications. I decided to build a website for making interactions with the Ethereum blockchain simpler for newcomers. EthTools.com was born.
One of the reasons I run Double Negative as a registered UK company is legitimacy. Unlike a large number of cryptocurrency businesses we are completely transparent because we have nothing to hide.
I made a development decision from Day 1 that EthTools.com would not touch Ether in any capacity. Bugs, audits, hackings etc were in no way of interest to me. As a company I did not want to consider the additional risk of in any way handling user funds. As such all EthTools.com tools simply offer an interface for interacting with the blockchain. This is similar to the MEW offering.
In addition to this I try to be clear and concise when interacting with others. Take this answer for example. I answer the question, market EthTools a little, and also try and provide a little educational food for thought.
Your private key
Today I was informed that EthTools.com was blocked by Metamask because it is a phishing website. I did a little investigating and stumbled upon this commit.
EthTools.com was added to the 'phishing list' because of this post: PSA: You do not need to provide a private key to a faucet..
To answer the question. No, you do not need to provide your private key to use a faucet. You do need to provide a private key to use the EthTools.com faucet. Why? That is how it works. If you use the other tooling on the website you will note that we have a consistent 'wallet loading' interface across the site. Usage of this is documented in blog posts and in video tutorials. This is to make it easy and consistent for the user, not so we can steal your Ether.
The majority of the EthTools.com functionality is written in React (Javascript). It is front end code, and if you are so inclined you can see exactly what we store and what we send across the wire. Hint: We do not send your private key.
It was also built this way because when I originally reached out to Hudson at the Ethereum foundation about building a Ropsten faucet he noted (via email) the need to make sure that it was not abused in a manner that would allow a nefarious user to get millions of testnet Ether (with which they could spam the network).
The plan for monetising EthTools.com was advertising. In the same way that Etherscan displays advertising.
Reddit posts (like the one in question) damage businesses like mine and in a roundabout way hurt Ethereum.
As a result of EthTools.com having been reported to Google, it is no longer the top search result for 'Ropsten Faucet'. Fewer developers looking to get Ether to test their dApps will be able to do so.
What annoys me most is that the user that created the post made no effort to reach out to us through our contact form to check his/her facts. Nor did the individual who added it to the phishing list or any of the people who replied to the post.
I do appreciate the need to move quickly in certain circumstances so as to keep people safe but this was not one of those situations.
Then there is also the main argument of the post: "If you give them you private ropsten keys and use the same one on the main net, they will steal your ether". If you are using the same address on Ropsten as you are on the main network please stop, read some more about security, and never do such a foolish thing ever again.
Thoughts
Whilst I still maintain my view that Ethereum has the potential to be world changing technology I am happy to engage and debate with people who hold different views. I like to have a complete view of the picture.
Over the past year I have noted some interesting things.
- There are still no killer apps on any blockchain.
- Each blockchain has a powerful toxic section of their respective community.
- No blockchain is in my opinion worth the apparent paper valuations.
Another interesting point is the lack of integrated client diversity. There were always the arguments/discussions about having multiple implementations of the Ethereum virtual machine was a good thing yet there is no similar concern for products interfacing with the blockchain.
MyEtherWallet, Metamask, and Truffle are absolutely fantastic products doing their respective things but they are also your only choices.
Again I absolutely acknowledge the need for security education and for helping people keep their assets safe but perhaps it would be better to tell people that if they do not understand what they are doing then they should not be doing it at all.
If you lose money because you actually gave someone your private key then perhaps you should not have been doing what you were doing. In the same way you wouldn't try and do insert almost anything here if you did not understand it.
Moving forward
As mentioned above the incentives for me to run EthTools.com do not align well with the approaches and attitudes of a developing (and changing) community. The product is in no way profitable at this point in time. We have spent thousands of dollars building and maintaining the tooling that we offer and situations like this make me believe that we may not be able to run the site as a business.
I am in the process of doing some very complex behind the scenes restructuring such that we can improve and optimise the tooling but also so we can provide some complex data analytics services to some interesting potential clients.
The long and the short of it is that seemingly the target market for the product is not the 'community' and as such we will be reconsidering the public offering of the product.
Afri (in relation to the proposals for releasing the locked Parity funds) seemed similarly disgruntled with the effects of our changing community. So does Vitalik.