keyko-io / filecoin-verifier Goto Github PK
View Code? Open in Web Editor NEWFilecoin project issues
Filecoin project issues
Currently we show the following for a transaction:
This can be confusing for users because:
I propose that to fix this we add a section that explictly states what they should see on their ledger (and prompt the user to check the ledger to confirm the transaction) to move forward. Something like:
Analyze the information displayed on the different screens of the design.
Discern what is the info we can get from the current API (for instance to get the Remain Datacap we can get the list of verifiers and sum their datacaps), and think about how we could get the rest of the info.
Probably we can get some of this info directly from the state tree, but for some we will need additional mechanisms, like block explorer integration or store off chain data in a db
We should change this flow so (to start) we only have this table view for clients.
To make this usable, I think we shoudl add a "Use Case" column (between verifier and geography).
I think we should also take out the "email / github" columns - and instead embed this in the form. Perhaps we could have the last question say "choose how you'dl like to contact this verifier", and you can get a radial select - "Email", "Public Github Issue"... etc
NOTE: This design is complemented by: #26
The current Filecoin Registry application allows to the verifier to allocate some of their datacap to clients. This is okay from a functional point of view because there is a mechanism to distribute the datacap from the verifiers to the associated clients to that verifier.
Also there are applications like Slate wanting to provide storage capabilities to their users using Filecoin as substrate. To support that capabilities, all the new Slate users should be able to receive automatically a datacap allocation from the verifier associated with that application (Textile in this case).
The current manual flow supported in the Filecoin registry application is totally functional but is not optimal for supporting automatic datacap allocation.
The objective of this document is to describe the technical solution allowing to allocate datacap in an automatic way to clients/users of these Filecoin applications.
Here we distinguiss different actors:
To support the level of automation required, there will be a micro-service (aka SERVICE) with the following characteristics:
POST /verifier/client/datacap
. The PSK will be sent in the HTTP Authorization
header. This endpoint will request the following JSON payload as input:
{
"clientAddress": "t01032",
"applicationId": "LIKE_SLATE_ID",
"userId": "INTERNAL_USER_ID",
"datetimeRequested": "2020-02-08T08:13:49Z"
}
HTTP 201
{
"clientAddress": "t01032",
"applicationId": "LIKE_SLATE_ID",
"userId": "INTERNAL_USER_ID",
"datetimeApproved": "2020-02-08T08:13:49Z",
"transactionId": "0x1234567890abcdeefgh1234567890abcdeefgh",
"datacapAllocated": "1000000000000"
}
HTTP 401 or 500
{
"clientAddress": "t01032",
"applicationId": "INTERNAL_APPLICATION_ID",
"message": "The verifier can't distribute more datacap at this time"
}
Confirm with Riba if mainnet deployment needs any specific setup
According with the designs, the frontend should show more friendly information about the verifiers and the clients (names, alias, logos, urls, โฆ) To accomplish this goal it should exists an off chain mechanism, like a db, to persist this kind of info, and be able to merge on the screen the on chain info with the related off chain info.
Probably the responsibility of filling or persisting this info is out of the scope of the frontend app
In the GithubRouter class the github credentials are hardcoded and accessible in the public repo. This should use environment variables.
Not sure if this is a bug, or can be resolved elsewhere - but when confirming the message in my ledger I noticed it never actually mentions the data cap.
The Value field seems to only refer to FIL, not to potential data cap - and theres nothin gin the Method or Params that indicates what amount of data cap I'm actually trying to send/
Investigate alternatives
This Service will allow to the different apps on the Filecoin's ecosystem to verify their clients in an automated way.
Firstly we need to implement the basics of the Service using Node.js and a thin framework like Express
Related with #39
When a Root Key Holder propose a new Verifier it should provide some metadata that will be stored
The formulary to propose a new verifier needs to include this fields:
When the root key holder push the "Propose Verifier" button, the app will send the message to the lotus node with the address and the datacap, and it will store the metadata
We need an html template to send emails to the verifiers when a user requests datacap privately
For all the on-boarding flows based on Github integration (see #18 & #19) we need to describe what is the techincal solution to put in place allowing to integrate the frontend and Github.
Reference doc: https://docs.google.com/document/d/1GW7_dJddOGx2b9JHDb5vpE8IpYXVzAipe08pV4EvskE/edit?ts=5f5a9ed1
As we recently discovered not having:
Will cause the ledger flow to not work. Is there a way of querying and surfacing these issues to a user in app?
At the least I think we can add that to the confirmation screen for the message (for the expert mode enabled) - but definitely should try and flag the ledger version thing if we can. A user won't be aware they're out of date (as I was unaware :( )
As a verifier, I will want to action the decisions I've negotiated off chain, by allocating data cap. In the current flow, I do this by choosing an address and allocating data cap to the client in question.
However, without knowing the data cap associated with an address I will have to cycle through many addresses in order to find one that still has cap remaining. Furthermore, as I spend data cap, I won't know how much I have available to me (in total) across all my addresses.
Proposal here would be to add a second column that:
Whispers have said that in the most recent versions of lotus only t0 addresses can get a data cap.
If so, we need to ensure that we make that visible for users to verifiers such that they can request new data cap from verifiers.
Frontend app will need to push/get data to/from Github to complete the flow. We can use a Node.js framework that wraps Github API, like Probot
Depends of #20
Take a look to the different alternatives offered by Github to automate actions and respond to events
This includes:
It is necessary to deploy some components to support the mainnet deployment. This include:
To accomplish this would be necessary:
Reproduction steps:
Deploy a lotus node (somewhere) connected to the new testnet. This lotus node will be used by the frontend app deployed on fleek
Define how the request datacap flow could be implemented using github issues, and how it can be linked to the actions needed to be executed on the verifiers tool app
As noted here: #6
Because a bad transaction failed without sending an error back to the app, it was unclear that the transaction did not go through. We should implement proper error handling / UI displaying of those error messages in order to make it more obvious when there is an issue.
After having the bot & backend running in AWS, there are a few improvements to apply:
Currently the flows designed to request datacap force clients to open new issues on GitHub that would be visible to all Filecoin community
For some kind of clients this flow could be not convenience in order to keep privacy, so it's necessary to provide an alternative that allows clients to contact a verifier privately.
On the landing page for clients onboarding the frontend app will show a tab where the users can consult a list of verifiers available to private datacap requests
The information shown will be Name/Organization, Location, datacap remained, email address
In this screen, a text will explain to the users they can contact a verifier of their choice via email, providing some information: name/organization, address, datacap, ...
The verifier will receive the email from the client, check the information provided, asking for further info if needed.
If the verifier is ok with the info provided, it will manually verify the client using the application.
Also the verifier must write back to the client to inform about the decision. If the verifier rejects the request, the client should be informed about the reason of the rejection.
The verifier is responsible to keep and custody these emails with the clients for accountability reasons. Filecoin could request this emails to audit.
to allow to deploy different instances of the service under the same load balancer would be useful to allow to specify the root path of the service in the configuration.
also, the email service could optional depending on the config
The backend service must exposes and endpoint that allows to send emails using a Provider set in the configuration.
This functionality is needed to allow users to request datacap contacting a verifier directly
Definition of how the multisig governance is going to work.
As a result of this analysis we should have:
Ih this moment, we are using one github repo for the datacap requests, https://github.com/keyko-io/filecoin-clients-onboarding, so different networks are using this repo, mixing test issues with actual issues in the mainnet.
It would be necessary to create a new repo, filecoin-clients-onboarding-test, that replicates all the configuration and functionality to be used for testing purposes.
For this, we will need:
Per feedback from JB, we're rebranding the name of the Verification process as well as the name of the "verifier role".
The latter is pretty much confirmed -> verifiers will be known as notaries on the network (verifier -> notary).
The former, is still being finalized.
We should update across the app to make sure we're consistent with this update!
Document the whole flow to verify a new client and allocate the requested datacap. This flow will include both onchain and offchain processes
Example: josepablofm78/TestFlows#1
As a result of this issue we should have a documentation with the flow.
Test new filecoin's testnet and check the verified clients functionality works with no issues
Github - Frontend integrations
Provide a gist or a brief document to Filecoin team with instructions about how to configured a network from the scratch with a multisig account set for the verifreg actor
For the mainnet deployment we will need to use a proper email Provider
When iterating through your list of addresses, you need to be able to copy out the t1 address in order to send Filecoin to that address to generate a t0 address.
This is at least required when getting addresses set up, as they must be on chain to request a data cap (Verifiers will need this to get data cap from root key holders)
Analyze the needs of frameworks like Textile, Slate, etc, that distributes datacap among their clients, devs, apps, whatever.
The main point to overcome, bot not the only one, is the limitation of the current implementation of the verifreg actor to renew the datacap of an already verified client.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.