Trust

From The Socknet

Some providers may want to experiment with trust systems, in which users rank their trust (secretly) for each friend. This document discusses a sound mathematical system for calculating trust based on input from several different friends.

Contents 1 The Mechanism 2 Examples 3 The Threshold of Trust is Arbitrary 4 Properties of This Mechanism 5 0% and 100% 6 Trust is Private Information 7 Some Uses for Trust

The Mechanism

For those systems that depend on trust, there are some arbitrary assignments together with a specific formula.

Trust is calculated as a function of mistrust. Trust is measured between 0% and 100%. mistrust = 100% - trust. We use this formula to measure mistrust and then subtract from 100% to determine trust:

total_trust = 1 - (1 - trust1) * (1 - trust2) * ... * (1 - trustn)

(This works because fractions multiplied together yield smaller fractions. When we have several people who trust something, it should yield higher trust. We determine mistrust and multiply those together, getting lower mistrust and therefore higher trust. Fun, huh?)

Examples

When two friends issue identical spam reports the report is more trustworthy than either friend alone.

For this example, we'll just assume that all friends are equally trustworthy, but in practical use we may want to assign specific trust to each friend. See Trust Assignment for some ways to help users assign their trust to friends.

Assume we trust our friends 75% and friends of friends 40%. A Friend of a Friend is called a foaf.

We have 3 friends and 4 foafs that make statement x.

The long version of this problem would be

1 - (1 - .75) * (1 - .75) * (1 - .75) * (1 - .40) * (1 - .40) * (1 - .40) * (1 - .40) = .997975

Notice, that since we only have two trust levels we can simplify the problem:

1 - (1 - .75)^3 * (1 - .40)^4 = .997975

So we trust very well that x is true.

Say we have 2 foafs that make statement y. We trust each only 40%.

1 - (1 - .4)^2 = .64

That's better than 50%, so maybe we trust that. Speaking of which...

The Threshold of Trust is Arbitrary

Finally we have to make another arbitrary assignment. Say we only trust things that are more than 90% sure (very strict). From above, x is assured, y is not.

Usually, different purposes will have different thresholds.

Properties of This Mechanism

This system meets several important criteria of a multiple-input trust system (assuming the input is always between 0% and 100%):

• No result can be outside the 0% to 100% range.
• No inputs can lead to 100% unless one of the inputs is 100% (unless rounding is used).
• All inputs lead to a greater or equal trust: said another way, no two trust measurements can yield a trust result that is lower than the highest input. Trust only rises with more input. This also means that:
• No inputs can lead to a 0% trust result, unless all of the inputs are 0%.

0% and 100%

In the example, the trust of one friend is not enough to assure us that something is true, but the trust of two friends is enough to make us more than 90% sure (93.75%). If this is too few friends, then 75% trust for all friends is too high. Providers or users must assign trust so that they get the results they desire. Math skills or trial and error can help here.

If strangers were 0%, the mistrust would be 100%, so the result would be the same as if they didn't exist. We'd be multiplying by (1 - 0) = 1. So 1 - (1 - 0) * (1 - x) = 1 - (1 - x).

On the other hand, say we had one friend who we trusted 100%.

Statement z is made by that friend and some regular friend:

1 - (1 - 1) * (1 - .75) = 1 - 0 * .25 = 1 - 0 = 1

A friend we trust 100% always yields a trust level of 100%, regardless of our trust for other speakers. The system can avoid running the whole calculation by noticing that one of the inputs is 100%.

Trust is Private Information

The amount to which someone trusts something is very sensitive information. Say a user's friend was rating his trust of a third friend. Social networks get hairy when people start admitting that they don't completely trust each other. Many people, in an effort to be nice, would just trust all of their friends 100% or 0% all the time. That makes a trust system worthless.

So trust information should be guarded. However, we can generally assume that a friend who passes information from someone else does not trust that person 100% (unless we know that this friend is quite gullible, in which case we clearly don't trust his judgement).

Some Uses for Trust

A spam system should use trust as its core metric.

A system to determine whether someone is who they say they are could use trust. A user may have 5 friends pointing to one Dan Kuck and 3 pointing to another Dan Kuck. It would appear that the 5 should be trusted because there are more of them. But if the user gives higher weight to the 3 friends, their opinion may supercede the other 5.

When choosing between different services which do the same thing, a user may calculate which of his friends he trusts the most and find out which service they use.

When posting information, a user may choose to make it public only to those friends which he trusts the most. This may leak trust information to extremely observant parties but should generally be safe.