SaaS pricing is tough. Free trials work, but startups often need a middle ground between free and enterprise without requiring a credit card. That's why we built betapass—users pay for access, and funds are distributed based on usage.
They are labeled "fake" and there's a pretty obvious call to action to replace them with human testimonials when we have them. It certainly seems better to call them out as not real than have them try to pass as real. What they're trying to convey though is valid and hopefully helpful to the reader. It's a good question though and I'd certainly be willing to learn from it if there's an obvious violation.
What's changed? The interface and primitives available for building applications. Rather than having to create a blockchain, we can _use_ a blockchain to do the timestamping.
Our insight is that this is still too hard to have quick access to use the blockchain meaningfully. So this service is a wrapper around those blockchain/cryptography primitives making it easy to create and lookup. It's the indexing part that can make the difference between a useful app in theory and in practice. In theory anyone could read the blockchain and create their own index from certain data on it...in practice that's more work than most will do... hence this kind of service.
Happy to show everyone Dibs ... a new data fingerprinting/notary service that writes to a public blockchain so you can prove you had a file at a point in time.
The recent chapter of this story starts on a train to Fosdem, the open source convention in Brussels at the start of February. I wanted something not related to my main work and so I started hacking together a Finder extension for the Mac to fingerprint data with a right-click interface suggested by my lawyer a few years prior. By the return trip I had the sketch of something working.
But the back story–not quite chapter one but close enough–happened a very long time ago. Let's call it 1999. I had a service called digitalpostmark.com that was an email server that would "postmark" the messages coming through it, adding a fingerprint to the message. If someone wanted to verify the email was sent at that point in time they could verify with our database and further re-compute the fingerprint themselves to see if the message had been tampered.
While this was a fun product (read: neat tech, low demand) it would eventually pivot to become SMTP.com's first product (I bought the domain for this), a way to relay emails in an era when mail servers were transitioning from open to closed. It turned out that the postmark server had everything we needed to change our email servers from a open relay into a selective open relay for users that bought our service subscription.
I would go on to sell the company and not think too much about digital fingerprinting until the NFT era reminded me of the power of hash functions and my now lawyer would lament about the power of an os-interface to the hash function.
Dibs goes one step further, allowing for easily creating fingerprints of files from the desktop as well as a web interface. These fingerprints include a "dibs code" proof that allows multiple claims of possession, but there's only one first.
The ordering of claims would be important, so I decided to use a public blockchain to write the records for all to see. End users don't have to know anything about blockchains, we do all of this behind the scenes, but expose the records so others can verify the transactions. (The blockchain chosen is the XRPL, for those interested in crypto).
I almost wrote an API for Dibs, but decided that the blockchain itself is an API, and it'd be better to just allow others to use that. So if a developer wanted to create their own system on top of Dibs, they'd just need to send a transaction on the blockchain to our "ingress" wallet address. That will then get indexed and available on the Dibs website the same as if the transaction was created with our interface. (Bonus: the per-transaction cost for the developer can be lower than our web interface, and yet is high enough that we still make money from the transaction payment.)
I suspect that most people will want to use the standard web interface. For that we chose a credit-based pricing model: $10 for 20 credits. Each Dibs is one credit, simple enough.
In talking to some potential users I came across some other example use cases, for instance my daughter wants to prove that she was the original creator of her avatar. While this current implementation is quite general, I suspect that there's quite a bit of work to do figuring out what a market segment might need and building the interface for that segment.
Is this the core of our business? No, at least not at the moment. Although the last time I started hashing things it turned into a business listed on the public markets, so you never know. I'd love to hear what you think we should do with it to improve the product. Thanks!
The nonce is good for privacy, preventing rainbow tables etc stuff right? Could still brute force if it's a small file maybe? Unless the nonce is hashed but not put on the blockchain directly, so the user can choose when to use the proof. But then the user has to save the nonce, which is precarious.
Also: it occurred to me a while ago that Archive.org etc really need something like this before generative AI gets too good. They wouldn't need to prove all of their documents if that's cost prohibitive. They could make a Merkle tree and prove the tip periodically.
Right the nonce–the "dibs code"–is there so that you can't just copy a known sha256 and claim it as your own. You have to at minimum have the file, and to prove you have it one way is to come up with some random data and hash that random data + the actual data. Then others can do the same to show that it indeed matches. Once a nonce is used it can't be re-used for the same reasons.
Not her words, but it can help prove that something existed at a point in time. It doesn't necessarily mean that you were the first but it does mean that you had it at that point in time. As I understand it, in copyright practice you take a work you've written, put it in an envelope and send it to yourself. The postmark shows that it existed at that point in time. (You don't open the envelope until some sort of legal procedure makes that required.)
> Can anyone take a file and check on the site to see who has logged it?
Exactly, it's a light-weight way to record that you had a file without storing the whole file.
These are good questions. I'm not sure. As it was a quick project I didn't start with user research, although remember the people that were interested in it last time I had a similar product were lawyers and their clients who had copyright claims. The ability to use the core technology here–a hash–is on every computer, so you could certainly do this yourself. We just make it easier in terms of interface, using the blockchain as a database of sorts.
Some posts above about alternative ways to do this. I'm not aware of any that integrate with the Finder.
By default it will summarise the context, but you can give it arbitrary queries, and it will respond with references to the source. It's handy if you've developed a healthy distrust.
More platforms would be a bit of a drain. Just one lonely dev on this. Multiple LLMs was indulgent and distracting enough.
Next? There's tonnes you could do, but finding something that won't leave you with a massive bill, and or offend people's sense of privacy is a bit tricky. For the latter it was "designed" so you explicitly select what text to give the AI. This can get annoying, so there's auto selection commands to select up to a model's context limit.
- Relax on the beach
- Non contiguous contexts - even "simply" expanding your selection from the viewport and down can be quite complicated due to things like fixed headers - it's hard to find a single selection that spans all the on-screen elements
- Replacing the window.prompt box
- Follow up chats to the original query
- Fine tune models for the text zoom so it works much faster (without needing a lot of hidden "thoughts" ) and more accurately
Tough?
The line mapping was much more annoying to work out than you'd probably imagine
I created a similar service to this called Monetized.Link https://www.monetized.link/ ...We describe it as if you put together a tiny url and a paywall. From what I've seen there's a fair amount of interest in easily converting a link into money. Like Gumroad we've tried to make it as easy as possible, but more to be done.
Our team's background is in content so we initially were imagining this as a paywall for one-off content. You could put these monetized links inside a newsletter or twitter stream for instance and get an easy to create payment stream from your exiting users.
Over the product's development we have found support with the web3 community doing token gating (get the premium content if you own an NFT for instance).
This is the world premiere screening, happening right now. It's exclusively for Coil/ web monetization members. Is this the way to pay for content in the future?
We built the Condé Nast paywalls (New Yorker/Wired/Vanity Fair) using the 402 status code. A 402 indicates to the browser that no acceptable payment method was negotiated and the content returned is not the full url requested.
We imagine clients sending an "Accept-Payment" header just as they send an "Accept" or "Accept-Language" header today. When the server is unable to satisfy their request, it returns a 402 indicating that no acceptable payment method was found.
It's true that browsers may not be currently sending these Accept-Payment headers; we auto-create the headers at the edge based on other headers (cookies). Conceptually this simplifies our stack and gives us a way that we might be able to have more of a "conversation" between web users and the site about how they want to monetize our content.
For instance a user may have ad-block enabled so why not tell the server that ("Accept-Payment: ads;q=0") and we'll serve the page based on this information.
I envision a future where the web browser may have multiple payment methods built into it (micro-payments, subscriptions, ads, etc.) and a "conversation" happens between the client and server to figure out what the "best" way forward is for both parties. We don't need new headers or methods for this, we simply need to re-use existing status codes and headers.
The full page distinction is very useful and nuanced. You're returning partial content, so it's not a regular 4xx, but readers can't go past the fold, so it's not a 2xx. It's a good niche for the status code. I hope these headers catch on.. payment vs. content negotiation seems a natural fit.
