Sybil resistant faucet - Githubissues

bedeho commented 2 years ago

Scope

[ ] Add captcha to the create membership flow

ℹ️ Atlas ticket:

https://github.com/Joystream/atlas/issues/2969

Background

We will have a faucet that gives people sufficient funds to make a membership, channel and upload content. This faucet is powered by Atlas operator funds, so it is costly for the operator. The upside is that the user cannot use funds for anything except transaction fees, so there is a very limited upside to abuse, but this may not stop grifters or people who simply fail to understand this.

Proposal

Introduce some basic authentication step to receive free tokens, meaning either doing some captcha and/or other task, as well as show some very clear big visual that sort of says "you will get some tiny amount of free coins, but you can only use them for fees, not transfer or selling, that wont work". We don't need to rush this, but it seems like it could quickly become a problem.

⚠️ Blocked by

https://github.com/Joystream/atlas/issues/3116

┆Issue is synchronized with this Asana task by Unito

toiletgranny commented 2 years ago

Alright, @dmtrjsg, let's see how it goes!

Naturally, I wanted to mimic what we've recently done in Atlas while trying to take as much as possible could from the things Pioneer already had. And so, with this approach, it felt appropriate to have the hCaptcha widget also added to the last step of the membership creation flow and to display the information about invitation tokens together with the confirmation of a successful membership creation.

https://www.figma.com/file/GlgN8uBRtvtMJtiOsdtDF7/Pioneer-Design?node-id=10780%3A405135

When reviewing/implementing the designs, please note that the "Create membership" may look different than what's currently implemented. This is because I couldn't find anything closer to the current state of the app on production, and I just didn't know which version was the up-to-date one.

Also, @dmtrjsg, do you think it would be a good idea to create a low-priority issue for the future, to go over Pioneer and review the micro-copy layer of the entire app? I'm talking about keeping consistency in using sentence case/title case and double-checking if all placeholders in form fields are truly needed and helpful (a placeholder saying "Type" is not helpful, might even be harmful).

dmtrjsg commented 2 years ago

@toiletgranny Love it, job well done.

Re copy suggest to go with:

Your membership has been created! Your account is topped up with XXX JOY tokens to help you getting started! These tokens are subject to a lock, meaning they are non-transferable, and can only be spent on transaction fees and staking by this account.

NB: Invitation lock may be renamed ofc but for now we can just say lock imho..

Re holistic copy review: I agree, that'd be nice. Someone with a fresh eye would def help!

toiletgranny commented 2 years ago

Got it! Copy updated. Would you like to use this opportunity to review a similar copy we have for this in Atlas? https://www.figma.com/file/ymHYOFItrmFaLeBC5Z4tpQ/Sign-in?node-id=1277%3A30169

dmtrjsg commented 2 years ago

@toiletgranny for Atlas, the one in Figma works well 👌 !

dmtrjsg commented 2 years ago

Pls try to work with this one: Memberships: ihttps://54.172.204.195.nip.io/network/config.json

polikosi commented 2 years ago

✅Captcha

✅Message about tJoy

dmtrjsg commented 2 years ago

@polikosi this is an issue for Pioneer .. So pls try to test the same on this instance> https://dao-git-carthage-joystream.vercel.app/#/working-groups

If you need the fresh env, you could use this one> https://44.201.112.198.nip.io/network/config.json

polikosi commented 2 years ago

@dmtrjsg sorry, confused

I didn't get the captcha, is this correct for pioneer?

dmtrjsg commented 2 years ago

@thesan can you advise pls?

dmtrjsg commented 2 years ago

@polikosi thanks for raising, looks like Faucet updates were not included into this one, can you pls try here [44.201.112.198.nip.io/network/config.json]?

polikosi commented 2 years ago

Captcha Transaction Notification