BOTC - Tech report 2020/09
Link to this as online version plus details: https://board.net/p/botc_tech_report_assembly_2020_09
Link to this as online issue: #95
BOTC Overview // Issue-List: https://git.fairkom.net/faircoop/BankOfTheCommons/BotC_Overview/-/issues
New solution for a pending issue we couldnt solve, "Design screens for new wallet frontend". We are lacking of human resources and skills to complete this task.
opportunity for a perfectly fitting "hire: frontend developer", with the right skills and fair budget expectancies, who would like to work with us within a reasonable budget. There is a high probability of success in this cooperation.
Discussion about "onboarding" of new hired/voluntary helpers/devs. Online bank robbery is a thing, and so security is too. There is not yet a trust mechanism, but consideration to compartmentalize critical code.
A "testing team" is needed. For new testing releases, helping with bug reports, creating documentation, there would be place for voluntary help. Good entrance point, for learning or improving development skills.
Reporting: improving some methodology and habbits, from developers platform (technical discussions), to publicly interested audience (BotC Tech) - maybe more frequently, to general audience (BotC assembly).
- bug-fixing in ethereum and fairpay, sysadmins routine
- removing code and wallet_v2 develoment
- further containerization for development (wallet frontend v1 done!)
- Existing issue: "Design screens for new wallet frontend"
While raising the frontend technology now on modern level, the graphical screen designs and UX concept is lacking. There has been no solution found.
- New frontend freelancer
[x] posting to BotC tech
Draft: proposal for the assembly regarding the web-wallet v2 development. please take a look, make edits, add your comments, suggestions, etc... so that we could https://git.fairkom.net/botc_sources/wallet-frontend/-/issues/9 [ ] present it to the next assembly [ ] agreement for onboarding of Marcelo
Next step: [ ] service agreement with the developer, and [ ] a signed NDA, so that he has the necessary access needed to do his work. [ ] there is a model we used in the past which could probably be re-used. (ask Enric for it)
- Security considerations on Onboarding
restricting access to internal dev team and repositories
how to integrate new devs without risking revealing source code of parts of the highly critical infrastructure?
internal dev group for sensitive communication:
- keep this group strictly and highly technical.
- to accept people in this group only after proven as a need and some level of trust gets built through interaction
using gitlab for communication interface with developers (frontend/backend)
splitting critical infrastructure (server and api code) from less critical developement (frontend/etc)
related points from last months:
- from previous security considerations: concep like key holders, for accessing backups/server's data.
- Testing team
New devs could for instance start a testing team together, for example with Maro who is working professionally, and they could probably start with the new wallet frontend.
==> both new devs onboarding together ==> testing team!!!
- Reporting procedure
- developers report over the month progress and issues via Gitlab's issue list: https://git.fairkom.net/faircoop/BankOfTheCommons/BotC_Overview/-/issues
- role "reporter" -- 1) compiles relevant issues (in a issue or/and pad ) -- 2) summarize and reports to BotC tech (in short form with link to details) --- maybe two weekly, if a more frequent rhytmn is welcomed -- 3) sends report to BotC general assembly in a short form
- Technical Update / Progress report:
- investigate ethereum cashout issues
- Upgrade Ethereum node: #94
- BotC deployment: ( legacy ) wallet frontend done.
- wallet backend and orchestration of frontend and backend is still in work. (Should be hopefully done in October)
- fix tier permissions for certain accounts
- debugging the Fairpay incoming tx problems
- coordinate the new frontend design implementation with external collaborator (Marcelo) (already reported in point 2)
- routine sysadmin tasks (check logs, backups, update servers)
- also remove some code, because there are a bunch of third-party services not needed anymore