search

filecoin-project / notary-governance

115 stars 58 forks source link

Notary Application: IPFSMain - Neo Ge #11

Closed neogeweb3 closed 3 years ago

neogeweb3 commented 3 years ago

Notary Application

Core Information

Long Term Network Alignment

Time Commitment

Describe the nature and duration of your affiliation with the Filecoin project. Please include relevant Github handles, miner ids, significant projects or contributions (with links).

As an individual, I have worked as a crypto miner for over 7 years. 
I’ve been a part of the Filecoin community since 2017 and founded IPFSMain in 2018. 
I am also one of the Slingshot community reviewers who are helping evaluate applicant projects. 
I recently have been nominated to serve in the Filecoin Foundation Mining Working Group. 

As an organization, IPFSMain is a leading service provider committed to comprehensive Filecoin mining solutions in a cost-effective way. 
We have built quite an extensive relationship with the Filecoin community since its initial launch back in 2017, 
and as a result, have sustained countless contributions to the overall network. 
Just to name a few, we've helped out with both phase 1 & 2 of the trusted ceremony setup, ranked #1 in the Space Race, 
and presented in multiple Filecoin talks and panels (i.e., Miner Show & Tell, Mining Hardware & Architecture, etc.). 
We’ve also held and participated in over 100 events around the world. 
These events include blockchain summits, conferences, online and offline meetups, hackathons, and online streaming events. 
With these events, we have influenced over 3 million people globally. 
Pictures and snapshots of some of these events can be found on our Chinese website: https://www.ipfsmain.cn/aboutus 

We have multiple miners running on the Filecoin network; here are 2 well-known nodes since SR1: f01235 & f09037.

Stake Exposure

Please cite total token at stake (currently available, locked as collateral, vesting over time) and any substantiating evidence.

The total FIL at stake is 1.3MM, with the following miners f01235 & f09037 as collaterals by the date of November 12, 2020.

Industry Reputation

In-protocol Reputation

Please describe (in detail) your activity and tenure as a member of the Filecoin community. Please note (with links where possible) any contributions made to implementations of Filecoin, the spec, documentation, or to substantially help the Filecoin ecosystem grow. 

As a member of the Filecoin community, we have
- joined the Lab Day's Panel on August 18th, 2018, at San Francisco: https://youtu.be/ztPi2e21Mw4  
- presented at the GDIS on October 1st, 2018, at Santa Clara: https://youtu.be/ZHMejeZJdXY  
- joined the IPFS Camp on June 27-30, 2019, in Barcelona: https://youtu.be/kc_dxO-V8YM 
- held the DSAS on July 13th, 2019, in Shenzhen and invited PL members to present: https://www.youtube.com/playlist?list=PL2Vjsl9pQ2TJAbx8JZLsfRQZj0yZPgPhf  
- sponsored the Tokyo and Osaka IPFS Meetups during Devcon V in Japan: https://gihyo.jp/news/report/2019/10/2302?page=2  
- contributed some translation work to help the ecosystem grow: https://blog.ipfs.io/46-ipfs-weekly-12/ 
More recently, we have
- contributed our resources to help complete both phase 1 & 2 of the trusted ceremony setup: https://filecoin.io/blog/roadmap-update-august-2020/ 
- sponsored the HackFS Hackathon: https://hackfs.com/
- joined the Miner Show & Tell panel during Space Race: https://youtu.be/M8rFiweyKyk
- ranked at the top of the SR1 leaderboard: https://spacerace.filecoin.io/
- helped set up the Bootstrap Node: https://github.com/filecoin-project/lotus/blob/master/build/bootstrap/bootstrappers.pi 
- joined multiple events like the Mining Hardware & Architecture talk and the Miner Spotlight panel during Filecoin Liftoff Week: https://filecoin.io/blog/mainnet-liftoff-day2/
More links can be provided upon request. 
On behalf of IPFSMain, I've also had the pleasure of actively cultivating the success of other members within the Filecoin ecosystem through my role as a Slingshot community reviewer.

In-protocol Security

Please describe your contributions to the security of Filecoin and the duration over which you've made contributions. Please also include any links or references who might be able to substantiate your contributions (e.g. if you've filed several bugs, please cite who you've communicated with on the Filecoin side). 

Our team and I have identified several bugs during the past two years and have informed the Filecoin team accordingly. 
Please check with @why, who will be able to substantiate our contributions.

External Reputation

Please describe the nature of your organization, including the country of registration, size of the organization, and time since inception.

IPFSMain is a private company founded on April 28, 2018, in Shenzhen, China. 
The company is for-profit, and its country of registration is China. 
At the moment, we have over 50 employees working at the Shenzhen headquarters since its inception 2 years ago.

Please share any relevant details to help substantiate information about your organization (website, named officers, links to social media profiles).

IPFSMain Website: https://www.IPFSMain.cn 
IPFSMain Twitter: https://twitter.com/IPFSMain 
IPFSMain LinkedIn: https://www.linkedin.com/company/IPFSMain 
IPFSMain Facebook Page: https://www.facebook.com/IPFSMain 
IPFSMain Instagram: https://www.instagram.com/IPFSMain

Please share any relevant external information regarding your organization (e.g. news articles, social media profiles, etc.)

https://decrypt.co/41702/space-race-filecoin-hackathon-video 
https://forkast.news/filecoin-space-race-miners-challenged-with-network-upgrades/ 
https://www.chaintalk.tv/tv/10-questions-about-filecoin-with-ipfs-main/ 
https://hackernoon.com/we-plan-to-establish-the-first-ipfs-node-on-mars-says-filecoin-miner-neo-ge-ke2c3whe 
(Some other relevant external news links in Chinese: 
https://cointelegraphcn.com/news/beep-with-ipfsmain-ceo-li-yandong 
https://www.chaindd.com/3326120.html 
http://www.pcpop.com/article/6317692.shtml 
http://www.shilian.com/baike/185381.html 
https://www.zilian8.com/33547.html)

Diversity and Decentralization

Use Case Diversity

(Optional) Any additional information you'd like to share about the use case(s) you plan to support?

I plan to support multiple use cases; the percentage will be determined by my knowledge and usage expectation, 
which may vary depending on the variable circumstances of each scenario and different regions. 
- 35% - user content (personal user storage)
- 25% - scientific datasets (AI training, geological data, autonomous driving) 
- 40% - media & entertainment (video & music)

Allocation Plan

Concreteness of Allocation Plan

Allocation Strategy

How do you plan on allocating the DataCap requested above? Please describe your allocation strategy with as much specificity as you can.

Allocating the DataCap is all about distinguishing rational clients from malicious clients, and as such, 
my allocation strategy seeks to emphasize the key question "how much does the Notary trust the client?" rather than "does the Notary trust the client?".

Similar to Philip and Julien's strategy, I also plan on setting up thresholds with varying degrees of trust. 
The way we traditionally audit Notaries can also be used to audit clients as well. Below, I've created 7 varying degrees of trust. 
The following Rubric will be the primary guideline I use when evaluating a client and determining their DataCap allocation. 
These scoring guidelines can serve as a tool of assessment and further add a level of consistency across the board. 

https://docs.google.com/spreadsheets/d/1zQ3FXJmmBMmynDIdRjYTYp-K95Dp95ypVoBfRhABPC0/edit?usp=sharing

Are there any internal processes you plan on implementing regarding the target, amount, or rate at which you'll allocate DataCap? 

There aren’t many internal processes, as most of these processes are external and open to the public for transparency purposes. 
The only few internal processes like confidential information collection or the execution of Due Diligence will be conducted privately. 
However, the Due Diligence procedure will only be triggered when I am unable to verify the client’s legitimacy with the given information. 
Some third-party tools may also be used to collect the information of prospective clients over Github repo in order to help score and determine their DataCap allocations.

How do you plan on securing the DataCap to ensure your organization (and its delegated members) are the ones allocating the DataCap?

A hardware wallet will be used to store the keys associated with the DataCap allocation address securely.

Client Due Diligence

How will you vet your Client to ensure they are spending that DataCap responsibly?

In general, the higher the DataCap thresholds are, the more restricted the client scrutiny would be. 
For individual clients, online identity will be verified by both account age and account activity perspectives, 
and this will serve to prove that they are valid users and not bots or sybils. 
Third-party tools like twitteraudit may also be used to verify online identities. 

For organizational clients, application organizations should be easy to verify through the appearance of their application. 
The developing applications may require further stringent investigation; 
this is to ensure that the application is valid and enclosed with meaningful content, rather than the shell of a malicious client. 
Large public datasets hosted by organizational clients are easy to verify because the data should be unencrypted and accessible to anyone. 
However, in the event that the organizational client has large private encrypted datasets(i.e., law firms), the Due Diligence procedure will be executed.

Below is the proposed procedure of Due Diligence. We need 3 types of information for review by myself or our compliance team depending on the volume of clients required Due Diligence:
1. Entity Information
 - Formation documents - this includes certificates of registration/incorporation/information; 
 - government-issued identification number for the entity
2. Authorized Signatory Information
 - evidence of the authorized signatory’s authority to act on behalf of the application entity (evidence include written consent of the company board of directors, or a secretary’s certificate, a signed letter from the applicant’s CFO, or may be included in the company operation agreement); 
 - close-up photo of the signatory’s face next to the visible passport or other government-issued photo-bearing ID
3. Beneficial Owners - If there are any 25%+ shareholders, we need a document as a capitalization table, operating agreement, or similar to verify the ownership, and also the following information for each of them: 
 - legal name;
 - date of birth; 
 - street address (P.O. box number is not acceptable); 
 - a government-issued identification number, which shall be either an SSN, ITIN, passport number and country of issuance, alien identification card number, or number and country of issuance of any other government-issued document evidencing nationality or residence; 
 - copy of an unexpired passport or other government-issued document evidencing the individual's nationality or residence which bears a photograph of the individual.

What questions will you ask to ensure the Client can properly handle the DataCap you intend to allocate to them? 

1. Can you introduce yourself? Where can I find you online? (Github, Twitter, Linkedin handle) 
2. What is your use case for the DataCap being requested? 
3. What is the Filecoin address you would like me to allocate the DataCap? 
4. How much DataCap would you like to request? 
For organizational clients: 
5. What is the name, nature, registration country, time since inception, and named officers of your organization? Please link to relevant websites. 
6. In which region do you intend to use the DataCap? If you intend to use the DataCap in multiple regions, please specify. 
7. How many miners do you plan on allocating a DataCap? If you have a specific miner(s) you would like to allocate a DataCap, please specify. 
8. Do you plan to specify advanced features when utilizing a DataCap in your storage deal? If so, please specify the feature. 
*9. Have you previously received DataCap? If so, please share some details on how you spent the previous allocated DataCap in terms of question number 6, 7 & 8.

What processes will you employ to confirm that a Client is not improperly over-allocating DataCap to a single entity?

Prospective clients are encouraged to allocate the DataCap to more than 5 different miners, 
which not only increases storage redundancy but also helps maintain decentralization and reduce the possibility of potential misuse. 
The more miners clients allocate, the more DataCap clients are likely to get. 
Notaries will be able to ask the client about their intentions through question# 7 for the first allocation, 
and further verify this through question# 9 during the next allocation.

Bookkeeping Plan

Do you plan on keeping records of your allocation decisions? If so, with what level of specificity do you intend to respond to any audit requests?

Yes, all allocation decisions will be guided by the rubric publicly on Github. So are all communications. 
Since all interactions are intended to occur publically, most of the allocation decisions should be self-explanatory. 
Any challenges raised regarding allocation decisions should be discussed publicly in the Github repo first. 
If convincing justifications can’t be given by the Notary, a dispute resolution application can be filed to the Notary Governance after 14 calendar days since its original challenge date. 
Once the dispute resolution application is filed, the Notary Governance can assign an arbitrator among the Root Key Holders in order to resolve the dispute. 
A hearing may be given within 30 calendar days of the dispute resolution application depending on the arbitrator's decisions.

Do you plan on conduct your allocation decisions in public (e.g., Github repo), private (e.g., over email, Telegram, etc.), or both? 

All allocation decisions will be conducted in the Github repository.

Track Record

Past allocation

Have you previously received DataCap to allocate before? If so, please link to any previous applications.

None.

Cumulatively, how much DataCap have you previously successfully allocated? 

None.

Have there been (or are there still) any disputes raised against you from your previous DataCap allocations? 

None.
jnthnvctr commented 3 years ago

Hi @NeoGe-IPFSMain - apologies for the delay. Please see scoring and comments here: https://docs.google.com/spreadsheets/d/1VKtiWBC4-S4br0SihWpOUXjIftLug6X92VPyKtSxiDE/edit#gid=904935780

One note - in your bookkeeping allocation plan, do you intend to use the same application/repo that the Filecoin Foundation is using for their allocations? If so, I think we can score it as a 3 - otherwise it would be helpful to get more details on where these decisions are being made, and how the community would be able to inspect this. (As an aside - just to note if you do intend to use the same application as the Filecoin Foundation you will need a Ledger to sign in-app).

Also, please note that there is a proposed rubric change what would require us to rescore applications (https://github.com/filecoin-project/notary-governance/pull/36)

neogeweb3 commented 3 years ago

Hi @jnthnvctr, no worries at all, thanks for the scoring. Yeah, I will be using the same application that FF is using now.

Thanks for the reminder, I will use my Ledger or probably I will get another one to sign in.

jnthnvctr commented 3 years ago

Hi @NeoGe-IPFSMain based on your submission here: https://docs.google.com/spreadsheets/d/1TXz6aUHipxnNYo-wndVxeiaEznViDonOZPUAwEooGWc/edit?usp=sharing

Eligibility score: 2 Unrounded score: 2.2

jnthnvctr commented 3 years ago

Hi @NeoGe-IPFSMain - as mentioned on the governance call yesterday, your team was in the top of your region for being a prospective Notary! Prior to confirming your role as a Notary, there are a few items that need to be affirmed:

  1. Please acknowledge the region of operation in which you tend to primarily focus: [GCN]

  2. Please confirm each of the following items below (you can do this by adding a line under each section agreeing that you'll abide by these operational principles.

  1. Please list any addresses you are affiliated with below - stating the nature of the relationship. Please refer to the first bullet point in (2) for the definition of "affiliated", and bias towards transparency when in doubt.

  2. Please affirm that you will abide by the allocation / client due diligence plan you laid out above.

  3. (If ready) - Please confirm the address that should receive DataCap.

jnthnvctr commented 3 years ago

Additionally, if you plan on being listed in the Filecoin Plus Registry - please confirm what information you'd like to have displayed below. Please note that public requests currently write to a public repository (and we can work with you to configure the requests as needed).

"name": "Your Name", "use_case": [ "List", "of", "Use Cases" ], "location": "EUR", "github_user": "notaryc", (optional) "website": "google.com", (optional) "max_datacap_allocation": "100 GB", // To indicate to clients what size allocations you might support. (optional) "private_request": "false", // set as true if you plan on supporting private requests. (optional) "email": "youremail@a.com", // only needed if you are supporting private requests "info": "" // You can use this to share information with Clients about your allocation strategy / reqs

neogeweb3 commented 3 years ago

Hi @jnthnvctr, please see the below affirmations, thank you.

  1. Please acknowledge the region of operation in which you tend to primarily focus: [GCN]

ACK

  1. Please confirm each of the following items below (you can do this by adding a line under each section agreeing that you'll abide by these operational principles.
  • Upfront Disclosures: Prior to being confirmed as a Notary, Notaries are expected to disclose all relevant addresses which they control, have a financial stake in, or are strongly connected to by other means. For the disclosure, the Notary should state the relevant addresses and the nature of the relationship.

ACK

  • Promoting Client Best Practices: Notaries agree to educate approved clients about the best practices for using their DataCap (e.g. how to request additional services from miners, storing data redundantly across many miners, etc). Some reference information can be found here.

ACK

  • No Self Dealing: To prevent conflicts of interest, Notaries should not allocate DataCap to Clients over which they control the private keys, or to a Client who intends to specifically spend the allocated DataCap with an address affiliated with the Notary. When in doubt, Notaries should bias towards transparency (i.e. public disclosure) or to getting a different Notary to handle the individual request.

ACK

  • Operating in good faith: Notaries hold a position of trust in the network, and as such it is expected that they operate keeping the Principles of this mechanism in mind. While each form of abuse cannot be exhaustively defined, Notaries are expected to bias towards caution and act in a way that promotes transparency. Notaries should expect to potentially receive requests or questions for allocation decisions (within reason) - and should make decisions with this in mind.

ACK

  1. Please list any addresses you are affiliated with below - stating the nature of the relationship. Please refer to the first bullet point in (2) for the definition of "affiliated", and bias towards transparency when in doubt.

Please see below miner IDs, as they should serve better than addresses. Below miners are operated by IPFSMain, and we shared the ownership of them with investors. I will update the list of miner IDs below in this issue when there are any changes in the future.

f01235 f09037 f022361 f022373 f022374 f023626 f023627

  1. Please affirm that you will abide by the allocation / client due diligence plan you laid out above.

ACK

  1. (If ready) - Please confirm the address that should receive DataCap.

We had to get another nano for ledger-backed address, I will post the revised address below once I set it up.

The information I'd like to have displayed:

"name": "Neo Ge / IPFSMain", "use_case": [ "personal user storage", "scientific datasets", "video & music" ], "location": "GCN", "github_user": "NeoGe-IPFSMain",

dkkapur commented 3 years ago

@NeoGe-IPFSMain thanks for the above information! If in the future there are other relevant miner IDs to disclose, please just add them as comments on this issue stating the on-chain ID and nature of the relationship. It doesn't necessarily need to be just the miner IDs, really any ID where there might be a potential for a conflict of interest.

You do not need the Ledger to list yourself on the Registry section or to process applications, just for the signing portion (if you intend to use it to manage the signing). Let me know once you are able to share the new Ledger-backed address, and if all the above sounds fine. I can then mark this ready for allocation.

neogeweb3 commented 3 years ago

Hi, @dkkapur

@NeoGe-IPFSMain thanks for the above information! If in the future there are other relevant miner IDs to disclose, please just add them as comments on this issue stating the on-chain ID and nature of the relationship. It doesn't necessarily need to be just the miner IDs, really any ID where there might be a potential for a conflict of interest.

Yeah, definitely.

You do not need the Ledger to list yourself on the Registry section or to process applications, just for the signing portion (if you intend to use it to manage the signing). Let me know once you are able to share the new Ledger-backed address, and if all the above sounds fine. I can then mark this ready for allocation.

All the above sounds fine to me. I am encountering some error when I tried to run lotus wallet new secp256k1-ledger, could you help me with that? I've DM you on Slack. Thanks, Deep!

neogeweb3 commented 3 years ago

Hi @dkkapur, I have figured it out and updated the original comment with the Ledger-backed address. Everything looks good to go on my end.

jnthnvctr commented 3 years ago

Hi @NeoGe-IPFSMain - to confirm this is the address to use then: f13k5zr6ovc2gjmg3lvd43ladbydhovpylcvbflpa ?

neogeweb3 commented 3 years ago

Hi @jnthnvctr - Confirm.

jnthnvctr commented 3 years ago

Request Approved

Address

f13k5zr6ovc2gjmg3lvd43ladbydhovpylcvbflpa

Datacap Allocated

100TiB

jnthnvctr commented 3 years ago

hi @NeoGe-IPFSMain per my message in slack can you confirm this address is correct?

neogeweb3 commented 3 years ago

@jnthnvctr Confirm.

neogeweb3 commented 2 years ago

Notary Ledger Verified

Message sent to Filecoin Network

message CID: bafy2bzacedcnyk7yenli2u7gkwyiro3uzi6aewl334vnwyl4njmsx2b64t6qc

You can check the status of the message here: https://filfox.info/en/message/bafy2bzacedcnyk7yenli2u7gkwyiro3uzi6aewl334vnwyl4njmsx2b64t6qc