Add UI for registering as a provider

[turinglabsorg]

@irenegia do we need to collect some data? or it will be just a web3 signin process at the moment?

[turinglabsorg]

@irenegia should this be done on-chain or off-chain? For example we should require an initial deposit to subscribe?

Also making a list of required fields needed to be inserted into signing page:

• Miner ID
• Filecoin address
• E-Mail?

[irenegia]

@irenegia should this be done on-chain or off-chain? For example we should require an initial deposit to subscribe?

on-chain info

Also making a list of required fields needed to be inserted into signing page:

• Miner ID
• Filecoin address
• E-Mail?

E-Mail may be optional?

@nicola anything else we should request for providers?

[nicola]

we only need miner id on-chain, all the other info don't need to be there.

[irenegia]

@Steve-Rog could you please upload a screenshot of the last version of the form?

The form right asks for

• filecoin actor address (f2....)
• ipsf address (to use for the data exchange)
• email (optional)
• name (optiona) and created a provider id number specific for the retrievability consortium

[irenegia]

Question: how is the sign up request sent? how is this collect?

What about someone that try to impersonate a provider (ie, bad guy subscribe an unaware provider to the protocol)? Is this possible/ is this a problem?

If yes, how can we avoid this? Ie, how do verify provider identity ?

[nicola]

folks we should not put emails on-chain and not even Filecoin addresses, this is an IPFS-based service

[Steve-Rog]

@irenegia Here is the screenshot of the form. I modified a few small details after yesterday's call, if there is anything else to modify I am at your disposal.

[turinglabsorg]

folks we should not put emails on-chain and not even Filecoin addresses, this is an IPFS-based service

If it's not needed it's easier, there's nothing on-chain regarding the form. Only on-chain data is provider endpoint, which is needed to make p2p connections without relay to a centralized server. Any other data (e-mail, name etc) it's inside an off-chain storage.

@Steve-Rog remove the Filecoin address field please.

[Steve-Rog]

@turinglabsorg field removed

[irenegia]

okay, I had a clarifying discussion with Seb, I am writing the outcome here so everyone has context about what the alpha protocol does:

1) in our protocol providers and referees are connected via an ad-hoc p2p network, the "provider endpoint" requested in the sign up form is the address used to talk with the provider in this network (eg https://pippo.xyz);

2) IPFS is used:

• by the client to upload the file (pin and getting the CID used in the deal proposal)
• by the provider to retrieve the file during an appeal (once the provider has the file, it serve it to the referees using our p2p network) --> const file = await axios.get("https://pippo.xyz" + "/ipfs/" + hash)

3) we do not need any form of authentication in the sign up form: even if a guy provides the end point of another (unaware) provider, then the bad guy can not make the provider loose collaterals/tokens.

CC @nicola can you give me a 👍 / 👎 to this ?

[Steve-Rog]

The registration pages and API have been implemented and are online at the test site. I have also changed the text of the disclaimer as you indicated to me yesterday @irenegia.

If I need to change anything else, I am at your disposal. The task is currently completed

[turinglabsorg]

Closing because we decided to move the signup process to the CLI so the provider don't need to handle with user interfaces and share keys between node and browser. Adding a small video of the feature we built.

https://user-images.githubusercontent.com/14848252/183238468-8379c18e-3a92-4de0-8d10-ffe3bfd27963.mp4

.