At present, when users encounter scams through private messages, moderators have no means to authenticate these due to privacy restrictions. (That’s my assumption.)

I propose implementing message hashing. This will allow verification of private messages without compromising privacy, as staff members can’t calculate a hash’s pre-image. Also it won’t require a lot of storage space.

• Every private message sent would undergo cryptographic hashing conducted by the server.
  
• This hash is made from the message content, timestamp, and an internal unique ID known exclusively to staff members (such as a user ID). This is optional, and even a simple message+username hash can suffice.
  
• The resulting hashes, without actual message content, would be stored in a database.

The hash can be stored on its own or with a timestamp in a database. (In case we want to prune very old hashes) There are probably a million implementations that will work. I don’t know which one is the most efficient and best. But this should be a starting point.

Why?:

• Moderators can validate reported private messages without being able to read messages they are not authorized to access. They will only verify messages when provided permission by a user, such as through a screenshot.
  
• Privacy is maintained, as hashes alone do not allow reconstruction of the original message.
  
• Simplifies identification and prevention of scams, as users won’t be able to forge private messages. Additionally, this helps prevent false accusations.

Example:
In the event of a PM scam, moderators would:

• Obtain the reported message content provided by the user (e.g., screenshot, but copying the true message body is probably a better method)
  
• Independently hash the provided content using the sender’s internal identifier and timestamp (to prevent replay attacks).
  
• Confirm the authenticity of the private message by checking for the hash’s existence in the database.

This post was edited by controlledhive on Apr 5 2025 11:32am

Voted no.

While I understand your thought process, this is the whole reason that PM trades are considered illegal trades and are against the trading rules:



Located here: https://forums.d2jsp.org/info.php?p=6

This issue is easily remedied by ensuring that the buyer and seller both post in the trade thread both the terms of the trade and their agreement to it.

Yes. That is the status quo. This line of reasoning feels like “X is the way it is because we have a rule that says X is the way it is. And thus X will never change.”. But I understand if implementing this is too much of a bother. While not rocket science, it isn’t trivial either.

This post was edited by controlledhive on Apr 5 2025 12:26pm

Its not going to happen, while the intentions are good, it will just revert back to what bodie said.

I voted no, I think d2jsp therefore made the trade guide in example, so we have the needed information to post if things go wrong.
I might be wrong on this, but for me it sounds logical to why those rules are implemented.

No

Voted yes. Good way to stop people from pm'ing people in your own threads and stealing trades.

Don't overestimate the iq of the people here though.

I'm not sure if this would solve anything.
People can arrage trades through other means as well, like in game or different apps.

Voted no.

For the amount of successful trades vs unsuccessful instances it would be over engineered and not mitigate much. Other channels of comms such as Discord tend to be a large (not only/primary) cause of said instances.

Example would be 1x successful trade, exchange external details, and etc.

Great idea, just in my personal opinion not needed at this time ~

voted no

certain mods (if not all) can read pm's so this is moot imo