Type of allocator:
What is your overall diligence process? Automated (programmatic), Market-based, or Manual (human-in-the-loop at some phase). Initial allocations to these pathways will be capped.
Manual
Amount of DataCap Requested for allocator for 12 months:
50-100pib
Is your allocator providing a unique, new, or diverse pathway to DataCap? How does this allocator differentiate itself from other applicants, new or existing?
We will ask customers to provide information about their previous DataCap storage transactions, including the type of data stored, node information, etc., to verify that node information is not spread across multiple providers and to assess whether there is any misuse of data. We also require customers to be open and transparent and commit to share their DataCap allocation publicly so that we can regularly check and audit user DataCap usage.
As a member in the Filecoin Community, I acknowledge that I must adhere to the Community Code of Conduct, as well other End User License Agreements for accessing various tools and services, such as GitHub and Slack.
Additionally, I will adhere to all local & regional laws & regulations that may relate to my role as a business partner, organization, notary, or other operating entity. *
You can read the Filecoin Code of Conduct here: https://github.com/filecoin-project/community/blob/master/CODE_OF_CONDUCT.md
Acknowledgment: Acknowledge
Cient Diligence Section:
This section pertains to client diligence processes.
Who are your target clients?
Enterprise Data Clients
Describe in as much detail as possible how you will perform due diligence on clients.
1.we will do online or offline verification, depending on the client's situation
2.For institutional customers, we will review the customer's company business license, business status, official website, business scope, business scale, storage plan, content and source of stored data, etc.
3.We plan to make our audit records public through Github, including all communication records with customers during the audit process.
Please specify how many questions you'll ask, and provide a brief overview of the questions.
To ensure that customers can make use of the data in correct way, we will ask the potential users the following questions:
1)What is the purpose of your DataCap application?
2). What is your region and country of residence?
3). What is the main source of the DataCap data you are applying for?
4). What are the main types of data stored in the DataCap you are applying for?
5). How many DataCap do you plan to request and what are the planned storage area and backup quantity requirements?
6)How long do you plan to store?
7). Are you willing to pay for the storage service?
8). How often do you need to retrieve the stored data?
Will you use a 3rd-party "Know your client" (KYC) service?
Legal Assessment and Regular Audits:
We conduct thorough legal assessments to understand and stay current with local and regional data protection laws. Regular audits are performed to ensure ongoing compliance with any updates or changes in regulations.
Data Classification and Localization:
We classify data based on its sensitivity and applicability to different jurisdictions. This allows us to apply specific measures and controls based on the legal requirements of each region.
Incorporation of Privacy by Design:
Our data systems are designed with privacy in mind from the outset. We follow privacy by design principles, integrating legal requirements into the architecture of our systems and processes.
Data Encryption and Security Protocols:
Robust data encryption and security protocols are employed to safeguard data during transmission and storage. These measures align with local and regional encryption standards and guidelines.
User Consent and Transparency:
We prioritize obtaining clear and informed consent from users before collecting and processing their data. Transparent communication is maintained regarding the purpose, scope, and duration of data processing, ensuring compliance with local privacy laws.
Data Residency and Hosting Compliance:
Data residency and hosting locations are carefully chosen to align with local and regional regulations. We partner with hosting providers that comply with legal requirements to ensure data sovereignty.
Legal Expertise and Collaboration:
We maintain a legal team with expertise in data protection and privacy laws relevant to our operations. Continuous collaboration with legal experts and consultants ensures that our practices align with the evolving legal landscape.
Employee Training and Awareness:
Our staff undergoes regular training to stay informed about local and regional legal requirements. This ensures that every team member understands their role in maintaining compliance throughout our data processes.
Incident Response and Reporting:
In the event of a data breach or incident, we have established incident response procedures that comply with local and regional reporting obligations. This includes prompt notification to relevant authorities and affected individuals as required by law.
Can any client apply to your pathway, or will you be closed to only your own internal clients? (eg: bizdev or self-referral)
any client
How do you plan to track the rate at which DataCap is being distributed to your clients?
Please refer to the links below to check out rubric used to evaluate client’s application and allocation rate https://docs.google.com/spreadsheets/d/13t8WAEfOnP9cYsTIiSu51SZO5qlmaCJmlca0AnTB8bQ/edit?usp=sharing We will conduct the following allocation strategies: Diversity: Applicants from Oceania will be prioritized because of the unbalance development of Filecoin, we will contribute to this point from perspective of balances. Applicants Classification: Applicants will be classified into tow basic groups: organization and individuals. Each group is divided into three levels ( small, medium, large)in terms of their organizational reputation, business scale or individual reputation in the community. Testing allocation: As a new notary, we will do a round of testing allocation for each client category as per the allocation strategy in the initial stage and adjust accordingly in case there is any unreasonable situation for both organizational and individual clients. Credit review: We will set up a reputation credit mechanism for applicants to encourage honest, active and qualified applicants with valid and efficient DataCap usage. Each allocation will be followed by our track and review. Rewards and punishment: For applicants with good performances, higher credit scores will be given and increased DataCap will be offered for the following DataCap application. Correspondingly, for those clients with unqualified behaviors, they will be evaluated and flagged, punished or even put into blacklist in serious conditions after investigations. Ultimate goal: good applicants will be rewarded, bad will be punished and optimized gradually to form a healthy, fair, and sustainable allocation mechanism.
Data Diligence
This section will cover the types of data that you expect to notarize.
As a reminder: The Filecoin Plus program defines quality data is all content that meets local regulatory requirements AND
• the data owner wants to see on the network, including private/encrypted data
• or is open and retrievable
• or demonstrates proof of concept or utility of the network, such as efforts to improve onboarding
As an operating entity in the Filecoin Community, you are required to follow all local & regional regulations relating to any data, digital and otherwise. This may include PII and data deletion requirements, as well as the storing, transmitting, or accessing of data.
Acknowledgement: Acknowledge
What type(s) of data would be applicable for your pathway?
Public Open Dataset (Research/Non-Profit),Public Open Commercial/Enterprise
How will you verify a client's data ownership? Will you use 3rd-party KYB (know your business) service to verify enterprise clients?
Documentary Verification:
Clients are required to submit official documents, including government-issued IDs, business licenses, and other relevant legal documentation.
Digital Signatures and Authentication:
We utilize advanced digital signature and authentication methods to confirm the authenticity and origin of submitted documents.
Biometric Verification:
For enhanced security, we may incorporate biometric verification, such as fingerprint or facial recognition, to validate client identity.
Internal Database Cross-Checking:
Our internal databases are used to cross-verify provided information, ensuring consistency and identifying any potential discrepancies.
Email and Phone Verification:
Confirmation codes and automated calls are utilized to verify the accuracy of provided email addresses and phone numbers.
Third-Party KYB Services:
When applicable, we leverage a trusted third-party KYB service specializing in verifying business details, financial stability, and legal compliance. The specific KYB service provider we use is chosen based on their reputation, compliance with data protection regulations, and the comprehensiveness of their verification capabilities.
Data Security and Privacy:
Throughout the verification process, we prioritize the security and privacy of client information. All measures are taken to safeguard sensitive data, and we ensure that our practices comply with relevant data protection regulations.
Our goal is to establish a robust and secure process for verifying client data ownership, combining the strengths of internal processes and third-party services to provide a trustworthy and efficient experience for our clients.
How will you ensure the data meets local & regional legal requirements?
Legal Assessment and Continuous Monitoring: We conduct thorough assessments of local and regional data protection laws to understand the specific requirements and any updates. Regular monitoring ensures that our practices remain aligned with evolving legal landscapes. Data Classification and Localization: We classify data based on its sensitivity and the legal requirements of different jurisdictions. This enables us to apply appropriate safeguards and controls to meet the specific legal standards of each region. Privacy by Design Principles: Our systems and processes are designed with privacy by design principles. Legal requirements are integrated into the architecture, ensuring that compliance is an inherent part of our operations. Data Encryption and Security Measures: Robust data encryption and security protocols are implemented to protect data during transmission and storage, adhering to local and regional encryption standards and guidelines. User Consent and Transparent Communication: We prioritize obtaining informed and explicit consent from users before collecting and processing their data. Transparent communication ensures that users are aware of the purpose, scope, and duration of data processing, in compliance with local privacy laws. Data Residency and Hosting Compliance: Our data residency and hosting decisions are made carefully to align with local and regional regulations. We partner with hosting providers that comply with legal requirements, ensuring data sovereignty. Legal Expertise and Collaboration: We maintain a dedicated legal team with expertise in data protection and privacy laws relevant to each region of operation. Collaborating with legal experts ensures our practices are up-to-date and legally sound. Employee Training and Awareness: Regular training programs are conducted for our staff to keep them informed about local and regional legal requirements. This ensures that our team members understand their role in maintaining compliance throughout data processing. Incident Response and Reporting: In the event of a data breach or incident, we have established incident response procedures that comply with local and regional reporting obligations. This includes prompt notification to relevant authorities and affected individuals as required by law.
What types of data preparation will you support or require?
Big data, enterprise data, public information data, etc
What tools or methodology will you use to sample and verify the data aligns with your pathway?
We do robotic and human audits on a daily and weekly basis
Data Distribution
This section covers deal-making and data distribution.
As a reminder, the Filecoin Plus program currently defines distributed onboarding as multiple physical locations AND multiple storage provider entities to serve client requirements.
How many replicas will you require to meet programmatic requirements for distribution?
3+
What geographic or regional distribution will you require?
Asia minus GCR, Oceania
How many Storage Provider owner/operators will you require to meet programmatic requirements for distribution?
3+
Do you require equal percentage distribution for your clients to their chosen SPs? Will you require preliminary SP distribution plans from the client before allocating any DataCap?
Yes, we do will use template form to collect
What tooling will you use to verify client deal-making distribution?
Datacapstats.io and bot
How will clients meet SP distribution requirements?
We'll use automated robots plus secondary audits
As an allocator, do you support clients that engage in deal-making with SPs utilizing a VPN?
Allowed, but specific information needs to be disclosed
DataCap Allocation Strategy
In this section, you will explain your client DataCap allocation strategy.
Keep in mind the program principle over Limited Trust Over Time. Parties, such as clients, start with a limited amount of trust and power.
Additional trust and power need to be earned over time through good-faith execution of their responsibilities and transparency of their actions.
Will you use standardized DataCap allocations to clients?
Diversity: Applicants from Oceania will be prioritized because of the unbalance development of Filecoin, we will contribute to this point from perspective of balances.
Applicants Classification: Applicants will be classified into tow basic groups: organization and individuals. Each group is divided into three levels ( small, medium, large)in terms of their organizational reputation, business scale or individual reputation in the community.
Testing allocation: As a new notary, we will do a round of testing allocation for each client category as per the allocation strategy in the initial stage and adjust accordingly in case there is any unreasonable situation for both organizational and individual clients.
Credit review: We will set up a reputation credit mechanism for applicants to encourage honest, active and qualified applicants with valid and efficient DataCap usage. Each allocation will be followed by our track and review.
Rewards and punishment: For applicants with good performances, higher credit scores will be given and increased DataCap will be offered for the following DataCap application. Correspondingly, for those clients with unqualified behaviors, they will be evaluated and flagged, punished or even put into blacklist in serious conditions after investigations.
Ultimate goal: good applicants will be rewarded, bad will be punished and optimized gradually to form a healthy, fair, and sustainable allocation mechanism.
Will you use programmatic or software based allocations?
Yes, standardized and software based
What tooling will you use to construct messages and send allocations to clients?
Filcoin Official tools-Filecoin Plus Registry
Describe the process for granting additional DataCap to previously verified clients.
We will ask customers to provide information about their previous DataCap storage transactions, including the type of data stored, node information, etc., to verify that node information is not spread across multiple providers and to assess whether there is any misuse of data. We also require customers to be open and transparent and commit to share their DataCap allocation publicly so that we can regularly check and audit user DataCap usage.
Tooling & Bookkeeping
This program relies on many software tools in order to function. The Filecoin Foundation and PL have invested in many different elements of this end-to-end process, and will continue to make those tools open-sourced. Our goal is to increase adoption, and we will balance customization with efficiency.
This section will cover the various UX/UI tools for your pathway. You should think high-level (GitHub repo architecture) as well as tactical (specific bots and API endoints).
Describe in as much detail as possible the tools used for:
• client discoverability & applications
• due diligence & investigation
• bookkeeping
• on-chain message construction
• client deal-making behavior
• tracking overall allocator health
• dispute discussion & resolution
• community updates & comms
Will you use open-source tooling from the Fil+ team?
Filecoin Plus Registry,github repo
Where will you keep your records for bookkeeping? How will you maintain transparency in your allocation decisions?
We plan to create a list via Github to publicly record each user, including all interactions with clients during the review process. aslo, we plan to conduct all allocation decisions in public through Github.
What will your DataCap distribution look like?
N/A
Risk Mitigation, Auditing, Compliance
This framework ensures the responsible allocation of DataCap by conducting regular audits, enforcing strict compliance checks, and requiring allocators to maintain transparency and engage with the community. This approach safeguards the ecosystem, deters misuse, and upholds the commitment to a fair and accountable storage marketplace.
In addition to setting their own rules, each notary allocator will be responsible for managing compliance within their own pathway. You will need to audit your own clients, manage interventions (such as removing DataCap from clients and keeping records), and respond to disputes.
Describe your proposed compliance check mechanisms for your own clients.
Regular Check-Ins:
We will establish a schedule of regular check-ins with our clients to assess their ongoing needs, address any concerns, and ensure a clear understanding of their usage patterns.
DataCap Distribution Metrics:
We will implement a robust tracking system to monitor the distribution of DataCap to individual clients. This includes monitoring allocation, utilization, and any deviations from expected patterns.
Client Demographic Analysis:
Understanding the demographics of our clients is crucial for tailoring our services to their specific needs. We will conduct periodic analyses to ensure that DataCap distribution aligns with the diverse requirements of our client base.
Time Metrics:
Time-based metrics will be tracked to identify usage patterns and trends over different periods. This analysis will contribute to optimizing DataCap distribution strategies and ensuring efficiency.
Trust Evaluations:
We will implement trust evaluation mechanisms to assess the reliability and responsible usage of DataCap by our clients. Trust scores will be derived from factors such as adherence to usage policies and overall compliance.
Use of Specialized Tools:
Tools such as CID Checker and Retrievability Bot will be integrated into our monitoring system. CID Checker will verify the integrity of Content IDs, ensuring that data distribution is secure and reliable. Retrievability Bot will assess the retrievability of stored data, contributing to our data quality control measures.
Tolerance for New Clients:
In welcoming new clients, we understand the importance of a balanced approach that fosters growth while maintaining compliance. Our tolerance for new clients will be based on a thorough onboarding process that includes:
Due Diligence Checks:
We will conduct thorough due diligence checks to verify the legitimacy of new clients and assess their alignment with our values and policies.
Initial Compliance Assessments:
New clients will undergo an initial compliance assessment to ensure their understanding of and adherence to DataCap distribution policies.
Gradual Scaling:
Depending on the nature of the services requested, we may implement a gradual scaling approach for new clients to closely monitor and assess their compliance before increasing DataCap distribution.
Continuous Monitoring:
Ongoing monitoring will be in place for all clients, with particular attention paid to those in their initial stages of engagement to ensure a smooth and compliant integration.
By implementing these compliance check mechanisms and adopting a measured approach to onboarding new clients, we aim to maintain a high standard of data integrity, security, and responsible usage across our client base.
Describe your process for handling disputes. Highlight response times, transparency, and accountability mechanisms.
Any party involved in a dispute can initiate the resolution process by formally submitting a dispute claim. This can be done through our designated dispute resolution platform or via a dedicated communication channel.
Response Times:
We commit to prompt responses to internal disputes. Initial acknowledgment will be provided within [specific timeframe], and a comprehensive response or resolution plan will be communicated within [specific timeframe].
Transparency:
Throughout the resolution process, we maintain transparent communication with all involved parties. Updates on the status of the dispute, investigation findings, and proposed resolutions are shared in a clear and timely manner.
Accountability Mechanisms:
We have established accountability mechanisms to ensure that our decisions are fair and in compliance with our DataCap distribution policies. An internal review committee will be responsible for overseeing the resolution process and ensuring adherence to established standards.
Detail how you will announce updates to tooling, pathway guidelines, parameters, and process alterations.
We will submit the issue on github, solicit comments on the change, synthesize your comments, and if there is no agreement, we will vote
How long will you allow the community to provide feedback before implementing changes?
We're always active on github and other community groups,, and we check and respond to messages every day. We'll have a week to discuss the controversial proposals
Regarding security, how will you structure and secure the on-chain notary address? If you will utilize a multisig, how will it be structured? Who will have administrative & signatory rights?
We use a multi-signature wallet to operate, and we keep important information about other people confidential. The main exercise rights are held by the core personnel of the company (no more than three people)
Will you deploy smart contracts for program or policy procedures? If so, how will you track and fund them?
No, we don't have the technical staff for smart contract development
Monetization
While the Filecoin Foundation and PL will continue to make investments into developing the program and open-sourcing tools, we are also striving to expand and encourage high levels of service and professionalism through these new Notary Allocator pathways. These pathways require increasingly complex tooling and auditing platforms, and we understand that Notaries (and the teams and organizations responsible) are making investments into building effective systems.
It is reasonable for teams building services in this marketplace to include monetization structures. Our primary guiding principles in this regard are transparency and equity. We require these monetization pathways to be clear, consistent, and auditable.
Outline your monetization models for the services you provide as a notary allocator pathway.
Staking and Slashing Collateral:
Clients or Storage Providers (SPs) may be required to stake collateral as a commitment to compliance with our DataCap allocation policies. This collateral serves as a security measure, aligning the interests of all parties involved. In the event of non-compliance or breaches of agreed-upon terms, slashing mechanisms may be implemented, providing additional incentives for adherence.
Application Review Fee:
Clients or SPs are subject to an application review fee upon submitting a request for DataCap allocation. This fee covers the initial assessment of the application, ensuring that it meets the necessary criteria and compliance standards. The specific application review fee is [specific price point].
Data Preparation Fee:
A fee is applied for the preparation of data, including the validation, formatting, and organization required for storage on the Filecoin network. This fee compensates for the resources and expertise dedicated to ensuring data compatibility and adherence to network standards. The specific data preparation fee is [specific price point].
Data Clearinghouse Distribution Fee:
Clients or SPs may opt for a data clearinghouse distribution service, facilitating the efficient distribution of data across the Filecoin network. This service incurs a fee to cover the operational costs associated with managing and optimizing data distribution. The specific distribution fee is [specific price point].
Auditing Fee:
To ensure ongoing compliance and adherence to DataCap allocation policies, periodic audits are conducted. Clients or SPs are subject to an auditing fee to cover the costs associated with these comprehensive reviews. The specific auditing fee is [specific price point].
End-to-End Service Packages:
We offer end-to-end service packages that encompass application review, data preparation, data clearinghouse distribution, and auditing services. These packages are designed to provide a seamless experience for clients, ensuring compliance at every step of the DataCap allocation process. The specific price points for these comprehensive packages are [specific price points for each package].
Discounts and Incentives:
We may introduce discounts or incentive programs for clients or SPs who consistently demonstrate compliance, contribute positively to the Filecoin ecosystem, or engage in long-term partnerships with [Your Company]. These incentives will be communicated and applied on a case-by-case basis.
Payment Terms:
Payment terms are [Net X days], with invoices issued upon the completion of each service or as agreed upon in the service contract.
Our monetization models are structured to provide transparency, fairness, and a clear understanding of the value delivered through our services in the notary allocator pathway.
Describe your organization's structure, such as the legal entity and other business & market ventures.
We are an information technology company registered in Hong Kong, independent legal person
Where will accounting for fees be maintained?
We have regular meetings with the authorities and the community
If you've received DataCap allocation privileges before, please link to prior notary applications.
How are you connected to the Filecoin ecosystem? Describe your (or your organization's) Filecoin relationships, investments, or ownership.
we was V4 notary and miner
How are you estimating your client demand and pathway usage? Do you have existing clients and an onboarding funnel?
We will evaluate the application based on the customer's application materials and will conduct the necessary offline visits. And we have existing clients
Pathway Name:
Bewell Technology Limited Fil+ Datacap Allocator (BWTDA)
Organization:
Bewell Technology Limited
Allocator's On-chain addresss:
f1mtfp6whtd2mawpezya4vcfnvjvogdpp53i45ubq
Country of Operation:
Hongkong, Singapore, Australia
Region(s) of operation:
Asia minus GCR,Oceania
Type of allocator: What is your overall diligence process? Automated (programmatic), Market-based, or Manual (human-in-the-loop at some phase). Initial allocations to these pathways will be capped.
Manual
Amount of DataCap Requested for allocator for 12 months:
50-100pib
Is your allocator providing a unique, new, or diverse pathway to DataCap? How does this allocator differentiate itself from other applicants, new or existing?
We will ask customers to provide information about their previous DataCap storage transactions, including the type of data stored, node information, etc., to verify that node information is not spread across multiple providers and to assess whether there is any misuse of data. We also require customers to be open and transparent and commit to share their DataCap allocation publicly so that we can regularly check and audit user DataCap usage.
As a member in the Filecoin Community, I acknowledge that I must adhere to the Community Code of Conduct, as well other End User License Agreements for accessing various tools and services, such as GitHub and Slack. Additionally, I will adhere to all local & regional laws & regulations that may relate to my role as a business partner, organization, notary, or other operating entity. * You can read the Filecoin Code of Conduct here: https://github.com/filecoin-project/community/blob/master/CODE_OF_CONDUCT.md
Acknowledgment: Acknowledge
Cient Diligence Section:
This section pertains to client diligence processes.
Who are your target clients?
Enterprise Data Clients
Describe in as much detail as possible how you will perform due diligence on clients.
1.we will do online or offline verification, depending on the client's situation 2.For institutional customers, we will review the customer's company business license, business status, official website, business scope, business scale, storage plan, content and source of stored data, etc. 3.We plan to make our audit records public through Github, including all communication records with customers during the audit process.
Please specify how many questions you'll ask, and provide a brief overview of the questions.
To ensure that customers can make use of the data in correct way, we will ask the potential users the following questions:
Will you use a 3rd-party "Know your client" (KYC) service?
Legal Assessment and Regular Audits: We conduct thorough legal assessments to understand and stay current with local and regional data protection laws. Regular audits are performed to ensure ongoing compliance with any updates or changes in regulations. Data Classification and Localization: We classify data based on its sensitivity and applicability to different jurisdictions. This allows us to apply specific measures and controls based on the legal requirements of each region. Incorporation of Privacy by Design: Our data systems are designed with privacy in mind from the outset. We follow privacy by design principles, integrating legal requirements into the architecture of our systems and processes. Data Encryption and Security Protocols: Robust data encryption and security protocols are employed to safeguard data during transmission and storage. These measures align with local and regional encryption standards and guidelines. User Consent and Transparency: We prioritize obtaining clear and informed consent from users before collecting and processing their data. Transparent communication is maintained regarding the purpose, scope, and duration of data processing, ensuring compliance with local privacy laws. Data Residency and Hosting Compliance: Data residency and hosting locations are carefully chosen to align with local and regional regulations. We partner with hosting providers that comply with legal requirements to ensure data sovereignty. Legal Expertise and Collaboration: We maintain a legal team with expertise in data protection and privacy laws relevant to our operations. Continuous collaboration with legal experts and consultants ensures that our practices align with the evolving legal landscape. Employee Training and Awareness: Our staff undergoes regular training to stay informed about local and regional legal requirements. This ensures that every team member understands their role in maintaining compliance throughout our data processes. Incident Response and Reporting: In the event of a data breach or incident, we have established incident response procedures that comply with local and regional reporting obligations. This includes prompt notification to relevant authorities and affected individuals as required by law.
Can any client apply to your pathway, or will you be closed to only your own internal clients? (eg: bizdev or self-referral)
any client
How do you plan to track the rate at which DataCap is being distributed to your clients?
Please refer to the links below to check out rubric used to evaluate client’s application and allocation rate https://docs.google.com/spreadsheets/d/13t8WAEfOnP9cYsTIiSu51SZO5qlmaCJmlca0AnTB8bQ/edit?usp=sharing We will conduct the following allocation strategies: Diversity: Applicants from Oceania will be prioritized because of the unbalance development of Filecoin, we will contribute to this point from perspective of balances. Applicants Classification: Applicants will be classified into tow basic groups: organization and individuals. Each group is divided into three levels ( small, medium, large)in terms of their organizational reputation, business scale or individual reputation in the community. Testing allocation: As a new notary, we will do a round of testing allocation for each client category as per the allocation strategy in the initial stage and adjust accordingly in case there is any unreasonable situation for both organizational and individual clients. Credit review: We will set up a reputation credit mechanism for applicants to encourage honest, active and qualified applicants with valid and efficient DataCap usage. Each allocation will be followed by our track and review. Rewards and punishment: For applicants with good performances, higher credit scores will be given and increased DataCap will be offered for the following DataCap application. Correspondingly, for those clients with unqualified behaviors, they will be evaluated and flagged, punished or even put into blacklist in serious conditions after investigations. Ultimate goal: good applicants will be rewarded, bad will be punished and optimized gradually to form a healthy, fair, and sustainable allocation mechanism.
Data Diligence
This section will cover the types of data that you expect to notarize.
As a reminder: The Filecoin Plus program defines quality data is all content that meets local regulatory requirements AND • the data owner wants to see on the network, including private/encrypted data • or is open and retrievable • or demonstrates proof of concept or utility of the network, such as efforts to improve onboarding
As an operating entity in the Filecoin Community, you are required to follow all local & regional regulations relating to any data, digital and otherwise. This may include PII and data deletion requirements, as well as the storing, transmitting, or accessing of data.
Acknowledgement: Acknowledge
What type(s) of data would be applicable for your pathway?
Public Open Dataset (Research/Non-Profit),Public Open Commercial/Enterprise
How will you verify a client's data ownership? Will you use 3rd-party KYB (know your business) service to verify enterprise clients?
Documentary Verification: Clients are required to submit official documents, including government-issued IDs, business licenses, and other relevant legal documentation. Digital Signatures and Authentication: We utilize advanced digital signature and authentication methods to confirm the authenticity and origin of submitted documents. Biometric Verification: For enhanced security, we may incorporate biometric verification, such as fingerprint or facial recognition, to validate client identity. Internal Database Cross-Checking: Our internal databases are used to cross-verify provided information, ensuring consistency and identifying any potential discrepancies. Email and Phone Verification: Confirmation codes and automated calls are utilized to verify the accuracy of provided email addresses and phone numbers. Third-Party KYB Services: When applicable, we leverage a trusted third-party KYB service specializing in verifying business details, financial stability, and legal compliance. The specific KYB service provider we use is chosen based on their reputation, compliance with data protection regulations, and the comprehensiveness of their verification capabilities. Data Security and Privacy: Throughout the verification process, we prioritize the security and privacy of client information. All measures are taken to safeguard sensitive data, and we ensure that our practices comply with relevant data protection regulations. Our goal is to establish a robust and secure process for verifying client data ownership, combining the strengths of internal processes and third-party services to provide a trustworthy and efficient experience for our clients.
How will you ensure the data meets local & regional legal requirements?
Legal Assessment and Continuous Monitoring: We conduct thorough assessments of local and regional data protection laws to understand the specific requirements and any updates. Regular monitoring ensures that our practices remain aligned with evolving legal landscapes. Data Classification and Localization: We classify data based on its sensitivity and the legal requirements of different jurisdictions. This enables us to apply appropriate safeguards and controls to meet the specific legal standards of each region. Privacy by Design Principles: Our systems and processes are designed with privacy by design principles. Legal requirements are integrated into the architecture, ensuring that compliance is an inherent part of our operations. Data Encryption and Security Measures: Robust data encryption and security protocols are implemented to protect data during transmission and storage, adhering to local and regional encryption standards and guidelines. User Consent and Transparent Communication: We prioritize obtaining informed and explicit consent from users before collecting and processing their data. Transparent communication ensures that users are aware of the purpose, scope, and duration of data processing, in compliance with local privacy laws. Data Residency and Hosting Compliance: Our data residency and hosting decisions are made carefully to align with local and regional regulations. We partner with hosting providers that comply with legal requirements, ensuring data sovereignty. Legal Expertise and Collaboration: We maintain a dedicated legal team with expertise in data protection and privacy laws relevant to each region of operation. Collaborating with legal experts ensures our practices are up-to-date and legally sound. Employee Training and Awareness: Regular training programs are conducted for our staff to keep them informed about local and regional legal requirements. This ensures that our team members understand their role in maintaining compliance throughout data processing. Incident Response and Reporting: In the event of a data breach or incident, we have established incident response procedures that comply with local and regional reporting obligations. This includes prompt notification to relevant authorities and affected individuals as required by law.
What types of data preparation will you support or require?
Big data, enterprise data, public information data, etc
What tools or methodology will you use to sample and verify the data aligns with your pathway?
We do robotic and human audits on a daily and weekly basis
Data Distribution
This section covers deal-making and data distribution.
As a reminder, the Filecoin Plus program currently defines distributed onboarding as multiple physical locations AND multiple storage provider entities to serve client requirements.
Recommended Minimum: 3 locations, 4 to 5 storage providers, 5 copies
How many replicas will you require to meet programmatic requirements for distribution?
3+
What geographic or regional distribution will you require?
Asia minus GCR, Oceania
How many Storage Provider owner/operators will you require to meet programmatic requirements for distribution?
3+
Do you require equal percentage distribution for your clients to their chosen SPs? Will you require preliminary SP distribution plans from the client before allocating any DataCap?
Yes, we do will use template form to collect
What tooling will you use to verify client deal-making distribution?
Datacapstats.io and bot
How will clients meet SP distribution requirements?
We'll use automated robots plus secondary audits
As an allocator, do you support clients that engage in deal-making with SPs utilizing a VPN?
Allowed, but specific information needs to be disclosed
DataCap Allocation Strategy
In this section, you will explain your client DataCap allocation strategy.
Keep in mind the program principle over Limited Trust Over Time. Parties, such as clients, start with a limited amount of trust and power. Additional trust and power need to be earned over time through good-faith execution of their responsibilities and transparency of their actions.
Will you use standardized DataCap allocations to clients?
Yes, standardized
Allocation Tranche Schedule to clients:
Please refer to the links below to check out rubric used to evaluate client’s application and allocation rate https://docs.google.com/spreadsheets/d/13t8WAEfOnP9cYsTIiSu51SZO5qlmaCJmlca0AnTB8bQ/edit?usp=sharing We will conduct the following allocation strategies:
Diversity: Applicants from Oceania will be prioritized because of the unbalance development of Filecoin, we will contribute to this point from perspective of balances. Applicants Classification: Applicants will be classified into tow basic groups: organization and individuals. Each group is divided into three levels ( small, medium, large)in terms of their organizational reputation, business scale or individual reputation in the community. Testing allocation: As a new notary, we will do a round of testing allocation for each client category as per the allocation strategy in the initial stage and adjust accordingly in case there is any unreasonable situation for both organizational and individual clients. Credit review: We will set up a reputation credit mechanism for applicants to encourage honest, active and qualified applicants with valid and efficient DataCap usage. Each allocation will be followed by our track and review. Rewards and punishment: For applicants with good performances, higher credit scores will be given and increased DataCap will be offered for the following DataCap application. Correspondingly, for those clients with unqualified behaviors, they will be evaluated and flagged, punished or even put into blacklist in serious conditions after investigations. Ultimate goal: good applicants will be rewarded, bad will be punished and optimized gradually to form a healthy, fair, and sustainable allocation mechanism.
Will you use programmatic or software based allocations?
Yes, standardized and software based
What tooling will you use to construct messages and send allocations to clients?
Filcoin Official tools-Filecoin Plus Registry
Describe the process for granting additional DataCap to previously verified clients.
We will ask customers to provide information about their previous DataCap storage transactions, including the type of data stored, node information, etc., to verify that node information is not spread across multiple providers and to assess whether there is any misuse of data. We also require customers to be open and transparent and commit to share their DataCap allocation publicly so that we can regularly check and audit user DataCap usage.
Tooling & Bookkeeping
This program relies on many software tools in order to function. The Filecoin Foundation and PL have invested in many different elements of this end-to-end process, and will continue to make those tools open-sourced. Our goal is to increase adoption, and we will balance customization with efficiency.
This section will cover the various UX/UI tools for your pathway. You should think high-level (GitHub repo architecture) as well as tactical (specific bots and API endoints).
Describe in as much detail as possible the tools used for: • client discoverability & applications • due diligence & investigation • bookkeeping • on-chain message construction • client deal-making behavior • tracking overall allocator health • dispute discussion & resolution • community updates & comms
Slack,Telegram,Wechat,Github Jotform:boost Filscan Manual trigger boot T&T Github,Slack
Will you use open-source tooling from the Fil+ team?
Filecoin Plus Registry,github repo
Where will you keep your records for bookkeeping? How will you maintain transparency in your allocation decisions?
We plan to create a list via Github to publicly record each user, including all interactions with clients during the review process. aslo, we plan to conduct all allocation decisions in public through Github.
What will your DataCap distribution look like?
N/A
Risk Mitigation, Auditing, Compliance
This framework ensures the responsible allocation of DataCap by conducting regular audits, enforcing strict compliance checks, and requiring allocators to maintain transparency and engage with the community. This approach safeguards the ecosystem, deters misuse, and upholds the commitment to a fair and accountable storage marketplace.
In addition to setting their own rules, each notary allocator will be responsible for managing compliance within their own pathway. You will need to audit your own clients, manage interventions (such as removing DataCap from clients and keeping records), and respond to disputes.
Describe your proposed compliance check mechanisms for your own clients.
Regular Check-Ins: We will establish a schedule of regular check-ins with our clients to assess their ongoing needs, address any concerns, and ensure a clear understanding of their usage patterns. DataCap Distribution Metrics: We will implement a robust tracking system to monitor the distribution of DataCap to individual clients. This includes monitoring allocation, utilization, and any deviations from expected patterns. Client Demographic Analysis: Understanding the demographics of our clients is crucial for tailoring our services to their specific needs. We will conduct periodic analyses to ensure that DataCap distribution aligns with the diverse requirements of our client base. Time Metrics: Time-based metrics will be tracked to identify usage patterns and trends over different periods. This analysis will contribute to optimizing DataCap distribution strategies and ensuring efficiency. Trust Evaluations: We will implement trust evaluation mechanisms to assess the reliability and responsible usage of DataCap by our clients. Trust scores will be derived from factors such as adherence to usage policies and overall compliance. Use of Specialized Tools: Tools such as CID Checker and Retrievability Bot will be integrated into our monitoring system. CID Checker will verify the integrity of Content IDs, ensuring that data distribution is secure and reliable. Retrievability Bot will assess the retrievability of stored data, contributing to our data quality control measures. Tolerance for New Clients: In welcoming new clients, we understand the importance of a balanced approach that fosters growth while maintaining compliance. Our tolerance for new clients will be based on a thorough onboarding process that includes: Due Diligence Checks: We will conduct thorough due diligence checks to verify the legitimacy of new clients and assess their alignment with our values and policies. Initial Compliance Assessments: New clients will undergo an initial compliance assessment to ensure their understanding of and adherence to DataCap distribution policies. Gradual Scaling: Depending on the nature of the services requested, we may implement a gradual scaling approach for new clients to closely monitor and assess their compliance before increasing DataCap distribution. Continuous Monitoring: Ongoing monitoring will be in place for all clients, with particular attention paid to those in their initial stages of engagement to ensure a smooth and compliant integration. By implementing these compliance check mechanisms and adopting a measured approach to onboarding new clients, we aim to maintain a high standard of data integrity, security, and responsible usage across our client base.
Describe your process for handling disputes. Highlight response times, transparency, and accountability mechanisms.
Any party involved in a dispute can initiate the resolution process by formally submitting a dispute claim. This can be done through our designated dispute resolution platform or via a dedicated communication channel. Response Times:
We commit to prompt responses to internal disputes. Initial acknowledgment will be provided within [specific timeframe], and a comprehensive response or resolution plan will be communicated within [specific timeframe]. Transparency:
Throughout the resolution process, we maintain transparent communication with all involved parties. Updates on the status of the dispute, investigation findings, and proposed resolutions are shared in a clear and timely manner. Accountability Mechanisms:
We have established accountability mechanisms to ensure that our decisions are fair and in compliance with our DataCap distribution policies. An internal review committee will be responsible for overseeing the resolution process and ensuring adherence to established standards.
Detail how you will announce updates to tooling, pathway guidelines, parameters, and process alterations.
We will submit the issue on github, solicit comments on the change, synthesize your comments, and if there is no agreement, we will vote
How long will you allow the community to provide feedback before implementing changes?
We're always active on github and other community groups,, and we check and respond to messages every day. We'll have a week to discuss the controversial proposals
Regarding security, how will you structure and secure the on-chain notary address? If you will utilize a multisig, how will it be structured? Who will have administrative & signatory rights?
We use a multi-signature wallet to operate, and we keep important information about other people confidential. The main exercise rights are held by the core personnel of the company (no more than three people)
Will you deploy smart contracts for program or policy procedures? If so, how will you track and fund them?
No, we don't have the technical staff for smart contract development
Monetization
While the Filecoin Foundation and PL will continue to make investments into developing the program and open-sourcing tools, we are also striving to expand and encourage high levels of service and professionalism through these new Notary Allocator pathways. These pathways require increasingly complex tooling and auditing platforms, and we understand that Notaries (and the teams and organizations responsible) are making investments into building effective systems.
It is reasonable for teams building services in this marketplace to include monetization structures. Our primary guiding principles in this regard are transparency and equity. We require these monetization pathways to be clear, consistent, and auditable.
Outline your monetization models for the services you provide as a notary allocator pathway.
Staking and Slashing Collateral: Clients or Storage Providers (SPs) may be required to stake collateral as a commitment to compliance with our DataCap allocation policies. This collateral serves as a security measure, aligning the interests of all parties involved. In the event of non-compliance or breaches of agreed-upon terms, slashing mechanisms may be implemented, providing additional incentives for adherence. Application Review Fee: Clients or SPs are subject to an application review fee upon submitting a request for DataCap allocation. This fee covers the initial assessment of the application, ensuring that it meets the necessary criteria and compliance standards. The specific application review fee is [specific price point]. Data Preparation Fee: A fee is applied for the preparation of data, including the validation, formatting, and organization required for storage on the Filecoin network. This fee compensates for the resources and expertise dedicated to ensuring data compatibility and adherence to network standards. The specific data preparation fee is [specific price point]. Data Clearinghouse Distribution Fee: Clients or SPs may opt for a data clearinghouse distribution service, facilitating the efficient distribution of data across the Filecoin network. This service incurs a fee to cover the operational costs associated with managing and optimizing data distribution. The specific distribution fee is [specific price point]. Auditing Fee: To ensure ongoing compliance and adherence to DataCap allocation policies, periodic audits are conducted. Clients or SPs are subject to an auditing fee to cover the costs associated with these comprehensive reviews. The specific auditing fee is [specific price point]. End-to-End Service Packages: We offer end-to-end service packages that encompass application review, data preparation, data clearinghouse distribution, and auditing services. These packages are designed to provide a seamless experience for clients, ensuring compliance at every step of the DataCap allocation process. The specific price points for these comprehensive packages are [specific price points for each package]. Discounts and Incentives: We may introduce discounts or incentive programs for clients or SPs who consistently demonstrate compliance, contribute positively to the Filecoin ecosystem, or engage in long-term partnerships with [Your Company]. These incentives will be communicated and applied on a case-by-case basis. Payment Terms: Payment terms are [Net X days], with invoices issued upon the completion of each service or as agreed upon in the service contract. Our monetization models are structured to provide transparency, fairness, and a clear understanding of the value delivered through our services in the notary allocator pathway.
Describe your organization's structure, such as the legal entity and other business & market ventures.
We are an information technology company registered in Hong Kong, independent legal person
Where will accounting for fees be maintained?
We have regular meetings with the authorities and the community
If you've received DataCap allocation privileges before, please link to prior notary applications.
https://github.com/filecoin-project/notary-governance/issues/679
How are you connected to the Filecoin ecosystem? Describe your (or your organization's) Filecoin relationships, investments, or ownership.
we was V4 notary and miner
How are you estimating your client demand and pathway usage? Do you have existing clients and an onboarding funnel?
We will evaluate the application based on the customer's application materials and will conduct the necessary offline visits. And we have existing clients