Update task list.
[?]
Feb 20, 2015, 12:18 AM
EZQG2APB36DDMIAYDPPDGOIXOD7K2RZZSGC2NKGZIHB2HZBTW7EQCDependencies
- [2]
2G3GNDDUEvent logging is now functioning in postgres. - [3]
Z7KS5XHHVery WIP. Wow. - [4]
TNR3TEHKSwitch to Postgres + snaplet arch compiles. - [5]
T44T2PDLRename trust.txt to README.md - [6]
W35DDBFYFactor common JSON conversions up into client lib module. - [7]
GKGVYBZGAdded JSON serialization to TimeLog - [8]
NVOCQVASInitial failing tests. - [9]
TLQ72DSJLenses, sqlite-simple - [10]
EPOYLP7OA little .gitignore cleanup. - [11]
A2J7B4SCInitial impl of depreciation function. - [12]
ADMKQQGCInitial empty Snap project. - [13]
NTPC7KJETrivial changes, feature scratchpad. - [14]
75N3UJ4JMore progression toward lenses. - [15]
QO4NFWIYAdded sample config file. - [16]
5W5M56VJMove library code to 'lib' - [17]
EQXRXRZDChanged to use tasty instead of test-framework - [18]
AXKKXBWNInitial attempt at writing down my ideas for a company based on trust. - [19]
N4NDAZYTInitial implementation of payouts. - [20]
OBFPJS2GProject successfully builds and tests under nix. - [21]
2Y2QZFVFSwitch to more modern cabal2nix-based workflow. - [22]
PBD7LZYQPostgres & auth are beginning to function. - [23]
I2KHGVD4Require project permissions for access to most data. - [24]
WO2MINIFAuctions now compile! - [25]
7DBNV3GVInitial, stack-based impl of time log event reduction. - [26]
XMONXALYFix sqlite/readWorkIndex table name - [27]
4IQVQL4TAdded client for payouts endpoint. - [28]
RSEB2NFGReplacing Snap with Scotty. - [29]
EMVTF2IWWIP moving back to snap. - [30]
Y35QCWYWMinor improvement in WorkIndex type to eliminate duplicated information. - [31]
LAROLAYUWIP - [32]
64C6AWH6Rename Ananke -> Quixotic, project reboot. - [33]
45AI46JNMove readme to inception.md - [34]
IZEVQF62Work in progress replacing sqlite with postgres. - [35]
BROSTG5KBeginning of modularization of server.
Change contents
- file deletion: TASKS
General:* Convert SQLite code to use PersistentUser Interface:* Login* Evaluate OAuth options* Invite* Record who invited a participant.* When a new participant is invited to the project, allow them to create an account.* Profile* Timeline - Yours* Log Start* Log Stop* Amend Event* Amend operations targeting events older than <commit_delay hours> fail.* Future work - garnish/reimburse based approach?* Payouts* History of payouts (read from blockchain?)* Projected payout given current data* Voting* List Proposals* Create Proposal* Options to be considered* Closing date* Vote* Resource Pooling* Create Resource Pool* Describe resource need* Base resource award set by socialized vote?* Voting on continuous values?* Set resource contribution timeline* Solicit/Suggest resource acquisition designee (& vote)* Escrow of resource acquisition contributions.* Resource award bidding?* In case of oversubscription, award is reduced by a function of the oversubscription amount.* "Test Oversubscription" functionality.* Read blockchain transactions; when a payment is observed, distribute it to participants.* Adjust work index reader to only read work index entries older than <commit_delay hours>.* Tabulate votes & randomly pick from weighted distribution.* Resource pool awardingPayouts Service* BTC address alias chains (in case new payouts should go elsewhere)* Update Payout Address- authenticate by asking the user to sign and broadcast a small txn with a specific- amount from the old address to the new address- user creates account & provides payout address- inviting user asked to sign a txn that transfers a specific amount of btc from their- current payout address to the invitee's payout address - file addition: TASKS.md[3.2]
Guiding Principle:Trust in your collaborators is the foremost design principle. Any attempt toinhibit abuse or fraud within a company will ultimately be circumventable, soit's more important to provide features that will be useful to friendly actors.Any feature that can be used to retroactively punish a malicious actor can alsobe used to abuse a friendly but unpopular actor, and so should be avoided. Thecorrect way to exclude a malicious actor is to fork the company to exclude thatactor.Design Goals:* Do not discard information. Mutable caches of state are fine, butretain all information necessary to reproduce both the current state andall prior states of the cache.* Timestamp EVERYTHING.* Keep a cryptographically verified audit trail.* Use cryptographic signatures for authentication of all requests to securedresources.Library:* Invite* When a new participant is invited to the project, allow them to create an account.- user creates account ands provides initial payout address- inviting user asked to sign a txn that transfers a specific amount of btc from theircurrent payout address to the invitee's payout address as confirmation ofthe invitation* Timeline* Amend Event* Amend operations targeting events older than <commit_delay hours> fail.* MAYBE garnish/reimburse based approach?* Secure the transaction log via inclusion of periodic hashes of the loginto the public blockchain?* User* Add public keys that can be used to sign requests. How does this interactwith certificate-based auth from browsers? Require openpgpjs?* Payout Address Update- authenticate by asking the user to sign and broadcast a small txn with a specificamount from the old address to the new address* Payouts* Payouts should not include events younger than <commit_delay hours> to permit amends.* Find current verified address for each payout.* History of payouts (read from blockchain?)* Include hours won in resource auction - requires confirmation that contributionwas actually made (observed in the confirmed blockchain)* Resource Pooling* Resource auction bids should include the source address which will be used in the CoinJoin txn.* Create election for resource acquisition designee* Elections* Create Election- Options to be considered- Closing date* List Proposals* Record VoteWebserver:* Login* Evaluate OpenID options* Companion Creation* Require user to provide the PGP public key that will be used to authenticate requests* Authentication* Require bodies of all* Timeline* Amend EventPayouts Service:* Read blockchain transactions* Invitation validation* Payout Address Update validation* When a payment is observed, distribute it to participants.* When a resource acquisition CoinJoin is observed, record time awards* Elections* Close voting window* Tabulate votes & randomly pick winner from weighted distribution* Record & announce winning option* Resource Pooling* Finalize resource pooling auction* Create CoinJoin transaction to award BTC to the resource acquisition designee* Notify auction winners so that input addresses & signatures may be collected. - replacement in lib/Quixotic/Database/PostgreSQL.hs at line 45
workEventParser = WorkEvent <$> fieldWith eventTypeParser <*> fieldworkEventParser = WorkEvent <$> fieldWith eventTypeParser <*> field <*> field - replacement in lib/Quixotic/Database/PostgreSQL.hs at line 117
"INSERT INTO work_events (project_id, user_id, btc_addr, event_type, event_time) VALUES (?, ?, ?, ?, ?)""INSERT INTO work_events (project_id, user_id, btc_addr, event_type, event_time, event_meta) \\VALUES (?, ?, ?, ?, ?, ?)" - replacement in lib/Quixotic/Database/PostgreSQL.hs at line 120
, a ^. address, a ^. _BtcAddr - edit in lib/Quixotic/Database/PostgreSQL.hs at line 123
, e ^. eventMeta - replacement in lib/Quixotic/Database/PostgreSQL.hs at line 175
(user' ^. (username._UserName), user' ^. (userAddress.address), user' ^. userEmail)(user' ^. (username._UserName), user' ^. (userAddress._BtcAddr), user' ^. userEmail) - replacement in lib/Quixotic/Json.hs at line 20
toJSON $ mapKeys (^. address) ptoJSON $ mapKeys (^. _BtcAddr) p - replacement in lib/Quixotic/TimeLog.hs at line 10
, eventType, eventTime, eventType, eventTime, eventMeta - edit in lib/Quixotic/TimeLog.hs at line 23
import Data.Aeson as A - edit in lib/Quixotic/TimeLog.hs at line 46
-- Permit the inclusion of arbitrary JSON data that may be refactored into-- proper typed fields in the future., _eventMeta :: A.Value - replacement in lib/Quixotic/TimeLog.hs at line 110
reduceToIntervals ((LogEntry addr (WorkEvent StopWork end')) : (LogEntry _ (WorkEvent StartWork start')) : xs, acc) =reduceToIntervals ((LogEntry addr (WorkEvent StopWork end' _)) : (LogEntry _ (WorkEvent StartWork start' _)) : xs, acc) = - replacement in lib/Quixotic.hs at line 10
newtype BtcAddr = BtcAddr { _address :: Text } deriving (Show, Eq, Ord)makeLenses ''BtcAddrnewtype BtcAddr = BtcAddr Text deriving (Show, Eq, Ord)makePrisms ''BtcAddr - replacement in lib/Quixotic.hs at line 14
parseBtcAddr = Just . BtcAddr -- this will be changed to do validationparseBtcAddr = Just . BtcAddr -- FIXME: perform validation - edit in server/Quixotic/Snaplet/WorkLog.hs at line 8
import qualified Data.Map as M - edit in server/Quixotic/Snaplet/WorkLog.hs at line 28
requestBody <- readRequestBody 4096 - replacement in server/Quixotic/Snaplet/WorkLog.hs at line 30
let workEvent = WorkEvent evType timestamplet em = maybe A.Null id $ A.decode requestBodyworkEvent = WorkEvent evType timestamp em - replacement in server/Quixotic/Snaplet/WorkLog.hs at line 44
writeLBS . A.encode . fmap (fmap IntervalJ) $ mapKeysWith (++) (^. address) widxwriteLBS . A.encode . fmap (fmap IntervalJ) $ M.mapKeysWith (++) (^._BtcAddr) widx - replacement in sql/quixotic-pg.sql at line 28
event_time timestamp with time zone not nullevent_time timestamp with time zone not null,event_meta json not null