Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
github.com/systemaccounting/mxfactorial
a payment application intended for deployment by the united states treasury that eliminates monetary inflation, systemic default risk and the uncompetitive access to capital
systemaccounting optimizes the flow of capital by expediting the discovery of economic opportunity through physics and data science. dashboarding real-time business performance within an equally-accessible space spanned by a metric not only maximizes capital's throughput between investors and entrepreneurs, it also transparently benchmarks lending rates between borrowers and lenders. in addition to eliminating interest rate manipulation by central commitees, systemaccounting solves monetary inflation and systemic default risk through its practice of cross-user, double-entry accounting. by recording transactions as conserved quantites, user equity remains separate and protected from the liability produced by government-chartered lending firms
economic policy as code video series
q. is this a "cryptocurrency"?
a. no, and please use the word encryption
q. is this a "blockchain"?
a. no, and please use the word replication
q. i dont find any words in here used by the media. what is this?
a. encryption solves access risk. replication solves single point of failure and inconsistency risk. neither of these solutions are relevant to modeling currency as an electric current. this payment application solves contemporary economic issues by replacing "monetary" policy with a natural physical law
first, currency is modeled as a lightweight, dual positive-negative structured time-series between creditors and debitors respectively:
{
"item": "bottled water",
"price": "1.000",
"quantity": "1",
"creditor": "GroceryStore", // positive value (+)
"debitor": "JacobWebb", // negative value (-)
"creditor_approval_time": "2023-03-20T04:58:27.771Z",
"debitor_approval_time": "2023-03-20T04:58:32.001Z"
}
encryption and replication are secondary
q. where will i bank?
a. you dont need a bank. you need accounting. if you still wish to lend your money after receiving the service of accounting, please judge the risk of the loan you intend to offer the recipient by first exploiting your access to their accounting, then assume no one except you will own that risk after you consume it
q. what is money?
a. money is accounting. when someone has a 5 in their pocket, it's because they had a credit of 5 and someone else had a debit of 5
q. what does physics have to do with accounting?
a. recording transactions between users as debit-credit pairs enforces a conservation law on value. locking down the 'how to define and optimize the flow of goods and services?' answer in a language that merges mathematical physics with computer science separates away the social from the science, and removes high risk academia from serving as a source of confusion, instability and justification for government failure. with macroaccounting requiring economic resources to be described as conserved—and not just "scarce"—individuals stay clear of the many schools of thought indulged by the convenient handwaving of macroeconomics
q. what is the equation?
a. u = transactions per second, wi = value conserved per transaction, Mx! = value visible in a combinatorial game
q. how to explain the equation to a non engineer?
a. just say "add all the transactions conserving value every second":
q. how does standardizing financial value as a conserved quantity protect individuals?
a. applying a conservation law to financial value protects producers and consumers from an abuse of government authority. consumer wealth increases when producers increase the purchasing power of money by shipping useful r&d. but government printing money, and government chartered "bankers" expecting money are not the same types of events as producers shipping useful r&d. theyre not even the same types of events as producers shipping common goods and services. so when government authority is used to violate conservation by defining money as something you can just print and mix with failing "bank" notes, the loss of information in money from these physically negative events steals away the 1) purchasing power created by producers, the 2) increased wealth of consumers, and the 3) value of all property owned by individuals
government is not above failure, nor is it entitled to steal from the private sector to conceal its failure. improving government depends on failure predicting the individuals and laws that must be replaced. flying a flag and demanding loyalty before this step is just misdirection
q. what is a bank?
a. a lending business that receives government privilege in 12 U.S.C. § 1841(c) to subsidize its cost of raising capital by bundling the services of 1) storing and 2) moving money with 3) offering loans:
(c) Bank Defined.-For purposes of this chapter-
(1) In general.-Except as provided in paragraph (2), the term "bank" means any of the following:
(A) An insured bank as defined in section 3(h) of the Federal Deposit Insurance Act [12 U.S.C. 1813(h)].
(B) An institution organized under the laws of the United States, any State of the United States, the District of Columbia, any territory of the United States, Puerto Rico, Guam, American Samoa, or the Virgin Islands which both-
(i) accepts demand deposits or deposits that the depositor may withdraw by check or similar means for payment to third parties or others; and
(ii) is engaged in the business of making commercial loans.
q. how would a bank hypothetically operate in systemaccounting?
a.
[
// Starting with a zero balance, Jane receives 1000 from her employer
{
"item": "weekly salary",
"price": 1000,
"quantity": 1,
"creditor": "Jane", // balance increases by 1000
"debtitor": "Jane's Employer", // balance decreases by 1000
"debitor_approval_time": "2021-01-01T12:00:00Z",
"creditor_approval_time": "2021-01-01T12:05:00Z"
},
// Jane deposits 1000 in the bank and can withdraw it whenever she wants
{
"item": "bank deposit",
"price": 1000,
"quantity": 1,
"creditor": "Bank Of America", // balance increases by 1000
"debtitor": "Jane", // balance decreases by 1000
"debitor_approval_time": "2021-01-01T12:10:00Z",
"creditor_approval_time": "2021-01-01T12:11:00Z"
},
// but then Bank Of America decides to lend 1000 to John the Borrower
{
"item": "10% promissory note of 1000",
"price": 1000,
"quantity": 1,
"creditor": "John the Borrower", // balance increases by 1000
"debitor": "Bank Of America", // balance decreases by 1000
"debitor_approval_time": "2021-01-01T12:15:00Z",
"creditor_approval_time": "2021-01-01T12:16:00Z"
},
// Jane can't withdraw 1000 until John the Borrower redeems the promissory note from Bank Of America
{
"item": "redeem 10% promissory note of 1000",
"price": 1010,
"quantity": 1,
"creditor": "Bank Of America", // balance increases by 1010
"debtitor": "John the Borrower", // balance decreases by 1010
"debitor_approval_time": "2022-01-01T12:00:00Z",
"creditor_approval_time": "2022-01-01T12:01:00Z"
},
// Now Jane can withdraw the 1000
{
"item": "bank withdrawal",
"price": 1000,
"quantity": 1,
"creditor": "Jane", // balance increases by 1000
"debtitor": "Bank Of America", // balance decreases by 1000
"debitor_approval_time": "2022-01-01T12:10:00Z",
"creditor_approval_time": "2022-01-01T12:11:00Z"
}
]
q. operating a bank in systemaccounting is ridiculous. why would i use it to store and move money?
a. you wouldn't. receiving government privilege to tell depositors their money is still in the vault after exchanging it for a promissory note only violates a natural physical law. money is accounting. using a payment app supplied by the u.s. treasury empowers you to store your money and pay others independently from banks
q. where would i get a loan?
a. talk to a lending business
q. and how do lending businesses raise money?
a. by publishing their performance. investors confidently supply capital to lending businesses when their accounting proves they can profitably buy and sell promissory notes. storing and moving money for the public is NOT relevant to finance and only a matter of security
q. but what if i don't want to publish my earnings?
a. publishing your earnings is not required but you won't attract capital. publishing profit signals to investors the demand for capital, or the supply of return, and invites competition from producers capable of lowering prices for consumers. indulging a fear of competition through secrecy weakens an economy and enables greed
q. what would happen to central banks?
a. enforcing a conservation law on value privatizes the balance sheets of banks. central banks are not necessary when banks cannot include their balance sheets in the money supply
q. what would happen to the money multiplier?
a. there's no such thing as the "money multiplier". this phrase is weasel wording for equating assets of different types. the private instrument used to measure value expected in the future is not equal to the public instrument used to measure value eaned in the past: bank note (risk > 0) != money (risk = 0)
. by defining value and liability as conserved, systemaccounting introduces a physics-based type system into finance that prevents such abuses
q. shouldn't money always be earning interest?
a. a free market does not require consuming financial risk
q. how does systemaccounting manage expectation?
a. central banks providing "forward guidance" appease the democratic mandate more than they set expectation when they print money and manipulate interest rates. in addition to enforcing a conservation law on value, systemaccounting prices capital by switching the "risk-free" rate from referencing the hackable price of debt to the immutably recorded price of equity. when the risk-free rate refers to the empirical rate, i.e. to the historical and not the expected, the economy remains protected from the catastrophic failure indulged by government mispricing
removing financial appeasement guides the freedom of speech by recalibrating expectation to the empirical
q. will a government hosted payment app reduce my freedom?
a. the government can already see your transactions. systemaccounting empowers you to see the transactions of your government. access to the realtime financial performance of your government helps protect you from electing individuals who exploit money printing, price manipulation and the absence of accountability to systematize the cost of their failures to everyone else
q. will a government hosted payment app reduce my privacy?
a. you dont need to publish your account activity. publishing account data is a feature primarily intended for 1) businesses owners who wish to signal the demand for capital with an empirical rate of return and 2) government officials who wish to keep citizens informed of the performance of fiscal policies with empirical data
q. doesn't decentralized finance offer the most security?
a. centralized finance is not a threat when it's transparent. and decentralizing finance unwittingly decentralizes a cost center. information symmetry supplies the highest form of security and a single source rapidly receiving the most advanced r&d empowers the public with the most scalable reduction in the cost of storing, transforming and transmitting information
q. why can't we just remove government entirely from money?
a. removing law enforcement from money leaves it impotent
q. but what if i still don't want the government to know about my transactions?
a. then don't ask them to measure and testify you delivered value to someone else
q. how does systemaccounting define a transaction in a free market?
a. value independently measured by seller - value independently measured by buyer = 0
in a space where the order between production and consumption matters:
[
{
"item": "bottled water",
"price": "1.000", // 1.000 measured by seller - 1.000 measured by buyer = 0
"quantity": "1",
"creditor": "GroceryStore", // seller (producer)
"debitor": "JacobWebb", // buyer (consumer)
"creditor_approval_time": "2023-03-20T04:58:27.771Z", // time seller independently measured 1.000 price
"debitor_approval_time": "2023-03-20T04:58:32.001Z" // time buyer independently measured 1.000 price
}
]
q. how does systemaccounting model a free market?
a. by splitting everything between debitors and creditors right down the middle
q. how does systemaccounting affect setting public policy?
a. solving problems one at a time depends on 1) researching facts, 2) designing a solution, 3) applying the solution, 4) measuring its input and output and 5) holding contributors accountable. empowering sincere fact finders and problem solvers with more convenient access to public data science reduces the risk of luring them into the idle game of assigning blame between fictional social groups
q. do you have any demos?
a. watch the economic policy as code video series
q. how to explain this project to non engineers?
a. invite them to speak with an ai
q. how to explain this project to a physicist?
a. invite them to speak with an ai (todo: move content to mxfactorial.ipynb)
q. why is the code public if the license is private?
a. publicly used code is a public structure
q. what price does systemaccounting charge to conserve value?
a. the transaction author is charged 0.001
per transaction:
[ // 1.000 bottled water + 0.001 transaction cost = 1.001 total
{
"item": "bottled water",
"price": "1.000",
"quantity": "1",
"creditor": "GroceryStore",
"debitor": "JacobWebb",
"creditor_approval_time": null,
"debitor_approval_time": null
},
{
"item": "mxfactorial",
"price": "0.001",
"quantity": "1",
"creditor": "GroceryStore",
"debitor": "mxfactorial",
"creditor_approval_time": null,
"debitor_approval_time": null
}
]
q. can i invest?
a. contribute what you like. the dividend for believing in science is protection
GroceryStore
systemaccount is created when the owner transfers, for example, 1,000
from their "Bank of America" account to the united states treasury accountJacobWebb
systemaccount is created when the owner transfers 1,000
from their "Chase" account to the united states treasury accountJacobWebb
visits the GroceryStore
and brings a single bottled water
priced at 1.000
(3 digit decimals used) to the cashierGroceryStore
cashier authors a single entry list of transaction_items
to be transacted. the GroceryStore
account is set as the creditor (+) and the JacobWebb
account is set as as debitor (-):
[
{ // authored by GroceryStore cashier
"item": "bottled water",
"price": "1.000",
"quantity": "1",
"creditor": "GroceryStore",
"debitor": "JacobWebb",
"creditor_approval_time": null,
"debitor_approval_time": null
}
]
GroceryStore
cashier first sends the transaction_items
list to the rule
service (see detailed request & response) to check for any transaction automation rules that apply to the proposed transaction (taxes, approvals, etc) and receives a response with a creditor-approved state sales tax added to the transaction_items
list:
[
{
"item": "bottled water",
"price": "1.000",
"quantity": "1",
"creditor": "GroceryStore",
"debitor": "JacobWebb",
"creditor_approval_time": null,
"debitor_approval_time": null
},
{ // transaction_item added by rule service
"item": "9% state sales tax",
"price": "0.090",
"quantity": "1",
"creditor": "StateOfCalifornia",
"debitor": "JacobWebb",
"creditor_approval_time": "2023-03-20T03:01:55.812Z", // approval added by rule service
"debitor_approval_time": null
}
]
GroceryStore
cashier then sends the rule-applied transaction request to the request-create
service (see detailed request & response) to 1) create a transaction request and 2) add an approval for the GroceryStore
creditor:
[ // added to database by request-create service
{
"item": "bottled water",
"price": "1.000",
"quantity": "1",
"creditor": "GroceryStore",
"debitor": "JacobWebb",
"creditor_approval_time": "2023-03-20T04:58:27.771Z", // added by request-create service
"debitor_approval_time": null
},
{
"item": "9% state sales tax",
"price": "0.090",
"quantity": "1",
"creditor": "StateOfCalifornia",
"debitor": "JacobWebb",
"creditor_approval_time": "2023-03-20T03:01:55.812Z",
"debitor_approval_time": null
}
]
JacobWebb
customer receives a notification and sends their approval to the request-approve
service (see detailed request & response)
[
{
"item": "bottled water",
"price": "1.000",
"quantity": "1",
"creditor": "GroceryStore",
"debitor": "JacobWebb",
"creditor_approval_time": "2023-03-20T04:58:27.771Z",
"debitor_approval_time": "2023-03-20T05:24:13.465Z" // added by request-approve service
},
{
"item": "9% state sales tax",
"price": "0.090",
"quantity": "1",
"creditor": "StateOfCalifornia",
"debitor": "JacobWebb",
"creditor_approval_time": "2023-03-20T03:01:55.812Z",
"debitor_approval_time": "2023-03-20T05:24:13.465Z" // added by request-approve service
}
]
1.000 bottled water + 0.090 sales tax = 1.090 total
transaction simultaneously:
JacobWebb
account by 1.090
GroceryStore
account by 1.000
StateOfCalifornia
account by 0.090
StateOfCalifornia
accountGroceryStore
owner may publish account performance anytime to signal the demand for capital to investors with an empirical rate of return, i.e. NOT pro formapublic demonstration of the following use cases through a systemaccounting function:
SELECT SUM(price*quantity) FROM transactions WHERE time = NOW()
maximizes & protects for individuals a scientific standard the publicly-measured quarterly or annual 'GDP' violates"creditor" ∧ "debitor" = - ("debitor" ∧ "creditor")
exterior product defines the continuity point a time-dependent projection depends on to propagate zero-sum changes to account balances ★
∧
/ \
dual +/− value @ t dual +/− value @ t+n
/ \
{ {
"debitor": "John", "debitor": "Mary",
"creditor": "Mary", "creditor": "Isaac",
"item": "bread", "item": "milk",
"price": "3.25", "price": "3.25",
"quantity": "1", "quantity": "1",
"time": "2019-07-12T12:11:31", "time": "2019-07-14T07:36:15",
} }
// "Mary" account balance Δ = 0 after selling and buying in
// autonomous market pricing bread = milk
this project intends to exploit the software engineering community's familiarity with data science to rapidly develop their capacity to describe an economy using mathemtical physics. software engineers may be expediently converted to phd-level experts because they come equipped with the technology to test, adopt, and communicate the subject to others. adding to the project's list of features is designed to foster enough interaction between engineers and the data model that a movement to eliminate nothing but public ignorance becomes generally accepted as possible only when it's precipitated by activism pursued—not in the streets where slogans, bottles, and rocks are blindly hurled at others who are equally frustrated with their economy, but on knowledge's frontier where science and technology are used as tools to empower mankinds revolution in the cloud
private, receiving added value is sustained & acknowledged by sending value
funds: send from the financial support page
code: create an issue with a "developer license request" title, negotiate rate, fork, then send pull requests
client (typescript, svelte, cloudfront/s3: demo web client targeting graphql)
└── graphql (rust, api gateway/lambda: public interface for below services)
├── balance-by-account (rust, lambda: returns account balances)
│ └── postgres
├── request-approve (rust, lambda: approves a transaction request)
│ └── postgres
├── request-by-id (rust, lambda: returns a transaction request by id)
│ └── postgres
├── request-create (rust, lambda: creates a transaction request between a buyer and seller)
│ └── postgres
├── requests-by-account (rust, lambda: returns transaction requests by account)
│ └── postgres
├── rule (rust, lambda: returns transactions with user defined rules applied, e.g. taxes, dividends, etc.)
│ └── postgres
├── transaction-by-id (rust, lambda: returns a transaction by id)
│ └── postgres
└── transactions-by-account (rust, lambda: returns transactions by account)
└── postgres
> make bootcamp
access ./mxfactorial.ipynb
jupyter notebook locally:
docker run \
--rm \
-p 8888:8888 \
-v $PWD/mxfactorial.ipynb:/home/jovyan/mxfactorial.ipynb \
jupyter/datascience-notebook
note: both transaction and visualization clients will be strictly served by publicly-accessible endpoints to demonstrate for the u.s. treasury that with enough security, anyone may build an app that submits transaction data to the public ledger, thereby eliminating "banks" from the value transmission equation
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.