search

filecoin-project / Allocator-Governance

4 stars 7 forks source link

[Allocator Application] <StudyBlock>< StudyBlock Allocator> PR #70 #71

Open martapiekarska opened 5 days ago

martapiekarska commented 5 days ago

Allocator Application

Application Number

recjuar7MnhvqZU2w

Organization Name

StudyBlock

Organization On-chain Identity

f1i7m7xzuajypjo7424lh2adah2hsjiuuldlnkoiq

Allocator Pathway Name

StudyBlock Allocator

Github PR Number

70

Region of Operation

Africa,Asia minus GCR,Europe,Greater China Region,North America,Oceania,South America

GitHub ID

Neilneil333

On-chain address

I will provide an address on a later date

Type of Allocator

Similar to existing allocator pathways

Filecoin Community Agreement

As a member in the Filecoin Community, I acknowledge that I must adhere to the Community Code of Conduct, as well other End User License Agreements for accessing various tools and services, such as GitHub and Slack. Additionally, I will adhere to all local & regional laws & regulations that may relate to my role as a business partner, organization, notary, allocator, or other operating entity Acknowledge

Type of Allocator and RFA List

Manual - Existing similar diligence pathway

Allocator Description

Why do you think there is space and need for an additional manual diligence pathway? The current pathways for Filecoin datacap approvals are primarily designed for general storage providers across various sectors. However, the online education sector has unique requirements that warrant a specialized pathway:

  1. Specific Data Requirements: Online education platforms require tailored data management protocols for educational content, user interaction data, and student privacy, distinct from general storage use cases.
  2. Quality Assurance: Ensuring reliable access to educational resources is crucial. A specialized pathway can focus on verifying the reliability, accessibility, and responsiveness of data storage solutions specific to educational content.
  3. Compliance and Security: Educational institutions must comply with stringent data protection regulations. A specialized pathway can include enhanced checks for compliance with these regulations, ensuring data security and privacy.
  4. Performance Metrics: Online education demands consistent performance metrics such as low latency and optimized bandwidth for global content delivery. These metrics can be prioritized and improved upon in a dedicated pathway.
  5. Tailored Support: Educational institutions seek customized support for storage solutions that align with curriculum delivery models, including multimedia content and interactive learning tools.

    What metrics will you improve upon?

    In establishing a specialized manual diligence pathway for online education datacap approvals, the following metrics can be enhanced compared to existing pathways:

  6. Educational Content Integrity: Focus on verifying the integrity and authenticity of educational content stored on Filecoin, ensuring it remains unaltered and secure.
  7. Performance Optimization: Enhance metrics related to storage performance, including latency reduction and bandwidth optimization, to support seamless global content delivery.
  8. Compliance Adherence: Implement rigorous checks to ensure compliance with educational data privacy laws and regulations, providing assurances regarding data protection and privacy.
  9. Resource Scalability: Prioritize scalability in storage solutions to meet the growing demands of educational content delivery. These enhancements aim to address the specific needs of the online education sector and ensure robust, compliant, and efficient data storage solutions on the Filecoin network.

Contributions to EcosystemBuild better data onboarding pathway,Onboard >10PiBs of Data

Monetization and Fee structure

None.

Target Clients

Commercial/Enterprise,Nonprofit organizations,Individuals,Open/Public

Client Diligence Check

Client promise/attestation,Manual verification

Description of client diligence

Description of Client Diligence Our pathway verifies clients and establishes initial trust through a multi-step approach:

Verification Mechanism: We utilize a comprehensive verification process that includes identity verification, background checks, and validation of business credentials for enterprise clients.

Mitigating Sybil Attacks: To prevent sybil attacks, we implement rate limits and deterministic checks in our automated verification system. This ensures that each entity is verified based on unique, identifiable criteria before datacap allocation.

Authenticity Verification: For enterprise or paying clients, we validate data ownership claims through documentation review, including contracts and digital signatures. This ensures the authenticity and legitimacy of the data stored on Filecoin.

Audit Trail: We maintain detailed records and evidence of our client diligence process. This includes providing auditable proof to the Governance Team, demonstrating compliance with regulatory requirements and best practices in data security and privacy.

This approach ensures robust client verification and trust establishment, safeguarding against potential security risks and ensuring integrity within the Filecoin ecosystem.

Type of data

Public, open, and retrievable

Description of Data Diligence

Description of Data Diligence To verify clients within our specialized online education program:

Scope Verification: We perform rigorous checks to ensure clients' data aligns with online education scope requirements, focusing on educational content integrity and compliance with regional legal standards.

Ownership and Compliance: We validate data ownership through contract reviews and digital signatures, ensuring adherence to local and regional data protection laws such as GDPR and FERPA.

Data Sampling: We employ systematic data sampling techniques to verify the accuracy and integrity of stored educational content, ensuring it matches initial client claims.

Verification Tools: Utilizing blockchain technology and cryptographic proofs, we confirm that data stored in Filecoin deals corresponds accurately with client-provided claims.

Audit Proofs: We maintain detailed documentation and audit trails of our data diligence process, including verification results, legal compliance checks, and data sampling outcomes. These proofs are readily available for review by the Governance team during audits.

This approach guarantees robust data integrity and compliance within the online education sector, enhancing trust and reliability in our Filecoin allocator services.

Data Preparation

Client-provided,Singularity,Other existing ecosystem tooling

Replicas required, verified by CID checker

4+

Distribution required

Equal distribution of deals across regions

Number of Storage Providers required

4+

Retrieval Requirements

Public data highly retrievable over Spark.

Allocation Tranche Schedule TypeManual or other allocation schedule.

Initial Maximum for Each Client: Clients in the initial stages may be subject to restrictions on the overall cap to ensure fair distribution and prevent misuse. This initial cap can gradually increase as the client's participation and reputation grow in the network. Dynamic Adjustment of Overall Cap: With improvements in a client's performance and reputation within the Filecoin network, the overall cap can be dynamically adjusted. This encourages clients to contribute valuable data and actively engage in the Filecoin ecosystem. Allocator Always Follows a ""Limited Trust Over Time"" Approach: More Datacap is gradually released over time based on the time process, such as doubling the rate from the previous round. For example:

First Round: 512 TiB Second Round: 1 PiB Third Round: 2 PiB Fourth Round: 2 PiB Overall Cap for Each Client: (2 PiB)

Will you use FIDL tooling, such as allocator.tech and other bots?

Yes, some tools

GitHub Bookkeeping Repo Link

https://github.com/filecoin-project/Allocator-Governance/pull/70

Success metrics

Number of clients,Retrievability of data,Amount of data onboarded, daily & aggregate,Speed of allocations (TTD)

Timeline to begin allocating to clients

1 week from RKH approval

Funnel: Expected DataCap usage over 12 months

50-75PiB

Risk mitigation strategies

To protect our organization, reputation, and pathway for our specialized online education Filecoin allocator, we will implement robust risk mitigation strategies:

Operational Security (OpSec) Standards: Adhere to industry best practices for OpSec, including regular security audits, encryption of sensitive data, and access control measures to safeguard against unauthorized access.

User Agreements: Require clients to sign comprehensive user agreements outlining acceptable use policies, data ownership rights, and compliance with legal regulations such as GDPR and FERPA. These agreements ensure clarity and accountability in data handling practices.

Alert Systems: Implement real-time monitoring and alert systems to detect suspicious activities or anomalies in DataCap utilization patterns. Alerts will trigger immediate investigation and response to mitigate potential threats or abuse.

Throttling Mechanisms: Employ rate limiting and throttling mechanisms to control and limit the speed or frequency of data transactions, preventing overload scenarios or abusive usage patterns that could compromise network stability or performance.

Audits and Compliance Checks: Conduct regular audits of client accounts and data transactions to verify compliance with contractual obligations and regulatory requirements. These audits provide assurance of data integrity, security, and legal compliance.

Education and Training: Provide ongoing education and training to clients on best practices for secure data storage and management on Filecoin. This empowers clients to uphold security standards and mitigate risks from their end.

Incident Response Plan: Develop and maintain an incident response plan outlining procedures for handling security incidents, including communication protocols, escalation paths, and post-incident reviews to continuously improve response effectiveness.

Reputation Management: Monitor online reputation and feedback channels to promptly address any issues or concerns raised by clients or stakeholders. Swift resolution and transparency demonstrate commitment to maintaining trust and credibility.

By implementing these risk mitigation strategies, we aim to protect our organization, uphold our reputation, and maintain the integrity of our Filecoin allocator pathway dedicated to serving the online education sector securely and responsibly.

Dispute Resolutions

Response time: within 48 hours. Upon receipt of relevant dispute information, I will initiate the process of handling the dispute within 48 hours. Transparency: I will create the proposal on GitHub or Google Public Forms and allow parties to leave comments and submit evidence below the proposal. Dispute communication: Slack or Zoom online meetings. All parties are encouraged to communicate via Slack or Zoom online meetings to express their views and opinions. Accountability Mechanism: If a customer violates the law, penalties will be applied, including deletion of the remaining DataCap credits, blacklisting of the customer and the SP, and barring the customer from reapplying.

Compliance Audit Check

Regular checking: Check the utilization of DataCap regularly.

Track DataCap allocation metrics: Utilize tools such as datacapstats.io, CID checker bots, etc. to monitor DataCap allocation and usage, focusing on key metrics such as DataCap residuals, allocation frequency, and more.

Monitor time metrics: Track time patterns of client DataCap usage, such as frequency and duration of use, to ensure proper allocation. Regularly assess whether clients are completing data storage and usage on time to manage DataCap effectiveness.

Trust Assessment: Conduct an initial trust assessment of new customers, including their historical credit history and business reputation. When they demonstrate compliance and reliability, their trust score, as well as their DataCap allocation, increases.

Use tools such as CID Checker/Retrievability Bot: Utilize tools such as CID Checker to validate the data stored by the client to ensure it matches the declared data. Retrievability bots can be used to monitor and verify the retrievability of data and ensure that clients are adhering to storage protocols.

Compliance Report content presented for audit

Success metric: onchain report of data onboarded,Client Diligence: Client statements, client provided verification,Client Diligence: KYC/KYB report on clients,Data Compliance: Data Samples,Data Compliance: Manual report,Compliance: CID report.

Connections to Filecoin Ecosystem

Big data contributor

Slack ID

Edison

Neilneil333 commented 4 days ago

Updation f2 multi-signature address: f2o3h3fgyf7sjfpzo75zgukaz3nmyw7cvh6nkxpca

Neilneil333 commented 3 days ago

Updation GitHub Bookkeeping Repo Link:https://github.com/Neilneil333/StudyBlock