Will Manifold leak everyone's private markets as part of deprecation? (2023)
Basic
36
Ṁ4705
resolved Aug 8
Resolved
YES

I am a member of several private groups, which are being deprecated.

Resolves YES if by the end of the year me or anyone else visits a Manifold user's profile and posts a link to a private market here, that anybody can then access to see betting history and comments. NO otherwise.

I have not explicitly asked for my markets to be handled specially, but if me or another member of the group requests to have them converted to unlisted it wouldn't count: The "leak" must happen naturally as part of the deprecation process, without anyone requesting it. Manifold staff converting them to unlisted without consulting anyone would still count.

API access counts, as long as comments and bets are visible to anyone following instructions in the comments.

Get
Ṁ1,000
and
S3.00
Sort by:

Since @JamesGrugett has fixed this issue and committed to NA + deleting people's private markets if they don't request unlisting, I made a follow-up for if a leak will happen again.

Also, the new market specifies that partial leaks count too, not just the entire history.

predictedNO

Seconding the complaint about resolution.

bets are visible to anyone following instructions in the comments.

Is very different from "Ya know, I bet using only Manifold's (notoriously buggy) account balance graphs I can reconstruct the entire betting history of a market I can't see whose participants I don't know."

predictedYES

@MichaelWheatley I was a YES bettor, and while this leak hits the spirit of the question I agree it missed some of the criteria. re-resolve to 50%? 🤝

predictedNO

@Mira It would be pretty sweet if you could actually do this, but the balance charts are so noisy and lossy (last I checked they weren't even a pure moment-in-time snapshot, by the time the code gets to the bottom of the list it's reading prices from two minutes later) that if it's doable at all we would be talking about thousands of dollars in programmer man-hours building the data-recovery algorithm.

@MichaelWheatley You guys are making this sound like some impossible task.

I can see for example that @Conflux spent 100 mana purchasing 123.5 NO shares at an initial percentage of 33.8% on "Will my phone die today?" around June 10 2023. The bet object in Manifold's database has betId = "zePOCFZx332HGK5KETJH".

Can you confirm these, @Conflux ?

predictedNO

@Mira Was that done via the comment object as described below, or a different method? My point is that while you may be able to find individual bits of information that have leaked, you wouldn't be able to do it on demand. If conflux grills you on a random person's trades (if any) on a random private Proofnik market, What are the chances you can retrieve that particular piece of information?

predictedNO

@Mira That particular trade is accurate and was made on a private market.

predictedNO

@Conflux Regardless of the fairness of the resolution here, it’s pretty worrying

How does this resolve of only comments are visible?

@AlexbGoode titles and links to the market are also visible..

predictedYES

@AlexbGoode a fix was pushed, but it still happened

@firstuserhere Wow, that was a fast fix

predictedYES

@AlexbGoode yep! I did get a link to a market for POC that I've shared privately with @Mira instead of posting here

@AlexbGoode Comments AND betting history are required here.

I was inclined not to accept this since it was only comments, but after thinking:

  1. @firstuserhere has posted a link to someone's private market, accessible via their profile. I can't access the market through the Manifold web UI, but just knowing the slug and title gets you pretty far.

  2. All the comments were leaked: A scraper could download every comment in the market. This also leaks participants in the market, and partial group membership.

  3. The betting history can be inferred up to 15-minutes granularity with careful timing analysis of people's net worths and balances, once you know at least some participants and group membership. This should include an estimate of the displayed probability of the private market.

  4. Now that the partial participation graph has been exposed, the admins' option to "NA and delete" the market will also leak the day-granularity of those bets and position cost bases because I can track how much loans people have gotten back from the market as an extra verification on the betting history, and how much net worths/balances change after the NA.

I'm thinking it counts as YES.

predictedNO

@Mira Really? That kind of analysis is practically very difficult, I would’ve expected this market to require actually reading the betting history

predictedNO

@Mira why would you include "and betting history" if you are just going to do mental gymnastics to justify why a leak without betting history as commonly interpreted actually includes it?

predictedNO

@Mira further, you said in plain English that the link must be posted in this market and clickable by anyone. It wasn't.

predictedYES

@RobertCousineau I posted the link in private Because... Privacy.

predictedNO

@firstuserhere I respect that choice from a personal perspective, however, this was not a market with privacy respecting resolution criteria.

predictedYES

@RobertCousineau it does say "if one were to paste a link... Then it'll be accessible". It's about feasibility and not actually pasting the link imo (I can paste it rn but i choose not to) the way I read it, but I also see how you read it and it's also valid. Comes down to @Mira 's reading of the market I guess

predictedNO

@firstuserhere

"Resolves YES if by the end of the year me or anyone else visits a Manifold user's profile and posts a link to a private market here, that anybody can then access to see betting history and comments. NO otherwise."

The word "can" is a modifier for the second half of the sentence, not the first. I get no vibes of "the purpose of this market is about feasability", it says explicitly Mira or someone else needs to post a link in this thread. Then, anyone who sees it can click and confirm.

I think that is good design too because I honestly have no idea what was even displayed so I am hobbled trying to figure out if the betting history/users/etc could actually be reasonably inferred from what was leaked.

Edit: further, they say "API access counts, as long as comments and bets are visible to anyone following instructions in the comments." That heavily implies there need to be bug reproduction instruction in the comments that I can follow.

@Conflux It's not theoretical. I've done it before to track people hiding balance transfers. Easier with larger amounts though.

@RobertCousineau

API access counts, as long as comments and bets are visible to anyone following instructions in the comments.

The leak was, "If you visit @Catnee 's profile, his Comments tab had comments in private markets included in the list". You could also replay the API request the site makes.

The directly leaked attributes include the market slug, market title, and every comment in the market(if you scrape all users' comments on the site). Additionally, the ContractComment object that the frontend uses to display those comments contains these fields:

  // denormalized based on betting history
  commenterPositionProb?: number // binary only
  commenterPositionShares?: number
  commenterPositionOutcome?: string
  commenterPositionAnswerId?: string

It was patched before I could directly confirm their presence, but looking at how they fixed it I think you would get these attributes included even on private markets. I do see them in a fresh browser session when I visit my profile.

These are aggregate metrics, not the full betting history, and they are not updated after every single bet; but it makes the process I outlined earlier much easier if you have a few timestamped anchor points.

predictedNO

@Mira The leak wasn’t a link to a private market though! It was to certain aspects of it, with others maybe deducible if you put in effort. This is a somewhat reasonable resolution in my view given the title, but criteria exist for a reason, and I don’t think they were followed.

predictedYES

Buying YES on this market as insurance. My private (personal) markets were shown to others in the feed last time and it wasn't fun, but if it happens again, might as well make some mana on it.

I would love to lose all the YES shares I buy on this market and hope no one's personal info is leaked.

We won't do this. The plan to unlist by default wasn't a good idea.

Instead we'll probably ask if you prefer to have the private group's markets unlisted or N/A'ed and deleted.

@JamesGrugett I have spent a whole minute (😛) looking though the newsletter and discord for an update about this and haven't found it. Could you point me to a link which says more about the deprecation?

© Manifold Markets, Inc.Terms + Mana-only TermsPrivacyRules