Profile Service Enhancements

[mgravitt]

Background on Profile Service

The existing Hypha (Telos) profile service enables sybil-protected (SMS verification) free account creation, off-chain public and private profile data secured with a Telos account, any arbitrary public & private data (profiles/avatars/files), secure user-to-user communications, and other features. The initial phase of development was funded via the Telos worker proposal system in mid 2019. More background info can be found in this document, the original proposal: https://docs.google.com/document/d/1Po6ZmHK_7Al2meL1XGXdDdPgRTfr5vx-D13a2lzN61E/edit

The repo can be found here: https://gitlab.com/telos-kitchen/ppp. The service is used by multiple dapps and wallets across the network.

This issue is to track feedback and updates to the profile service.

Feature Updates

Identity Request

When logging in using Anchor, the user is prompted with an identity request.

Is it possible to have this provide security for the off-chain profile service rather than the login action? Is it secure? The benefit of this is that it will not require the Connect and Edit step currently in the UI.

Updates to Profile fields

The UI panel for profile edits can use a refresh. I am not a visual designer, but here's a grab of a more modern looking user profile view.

The profile service itself supports any arbitrary data, so we can support richer content, perhaps followers, project pages, posts/updates, etc. The contact preferences (to be used for alerts) should be de-emphasized in the UI for now. In a future phase, we should implement Apprise in a way that allows members to subscribe to events (e.g. when their proposal is voted on) using their profile configuration.

We should also add the member's DHO-related information such as assignment history, proposal history, badges, voting history, membership to other DHOs, transaction history, etc. I think the profile page is where members should go to learn about other members.

Migration from AWS

The current profile service is tightly integrated with AWS (Lambda and DynamoDB). There are multiple challenges with this:

1. DynamoDB is getting expensive ($250+ / month)
2. Lambda cold starts are slow
3. The service is not very portable or accessible to a newcomer to run their own node
4. The client libraries required for accessing the profile service is very heavy (large to download), 30% of total size. @gregory-latinier ?

Perhaps these challenges can be addressed individually, but the thinking is to encapsulate this as a docker container operating on a Hypha utility server (to be named: "Hypha embassy node") alongside the other services.

This would entail migrating the serverless project to express and replacing DynamoDB with something like Mongo.

Graph integration

Should the public profile data be added to the public graph? I think this would likely speed retrieval of content, especially when painting screens that have profile data on each card.

Public API

Let's review the API/SDK to make sure any dapp can connect into these services. I am fairly certain this is already in place.

Review OAuth Use Cases

The service supports OAuth integration, so that a members' Hypha login can be used to access any OAuth service, such as their Cloudron account for editing the wiki, dashboards, document share, etc. We originally integrated this with CodiMD as the initial use case. We should review if their are more use cases now (e.g. a wordpress instance for a DHO).

[Rieki7]

Big things that are useful for accounts here to also pair with SEEDS.

1. Skills (to suggest them quests and roles) users chose their own skills (which may translate into badges, and may have an ability for other people to vouch (similar to linkedin).

2. Showing all badges, quests completed, roles held, etc In one place (so you can see what other members have done... Better to get an idea of them!)

3. Self Select personality type badge (same as badges... But what Joachim has been working on).

Love the ability to sign up for alerts

Currently the phone number field seems to give lots of errors to people

[sebastianmontero]

A few comments/questions:

1. I'm not familiar with the identity request feature? is it anchor specific? The user still has to sign something to prove their identity, right?
2. Containerizing the solution makes sense, to make it easily deployable, I guess the most time consuming part of the migration would be the change of DB technology, mainly because of the peculiarities of DynamoDB
3. One option could be to store all public data directly to dgraph, and a use another data source for private data? My guess is users are not storing that much private data, or are they?

[mgravitt]

@sebastianmontero

1. I am not fully sure. I remember the "login" step with Scatter too, which makes me wonder if it is part of UAL and not specific to Anchor. I posted to the Anchor board to see if they can provide more direction. https://forums.greymass.com/t/using-identity-request-for-additional-authentication/239

2. OK

3. I don't think users are storing much private data right now. However, we do want to integrate much better alerting with the Apprise package. A user would enter their cross-network handle, like telegram, SMS, email, WeChat, WhatsApp, etc, and then Apprise knows how to notify them on that network. The Seeds P2P ATM also desires to enable encrypted chat for coordinating information directly. Since private data isn't really required yet, we can use DGraph for public data and then create another feature to add private data in the future (as part of the Apprise feature). I imagine that DGraph also supports private data, but I'm not sure.

[sebastianmontero]

I think the enterprise edition of Dgraph supports ACL

[mgravitt]

I think the enterprise edition of Dgraph supports ACL

I don't think an enterprise feature is ok.

What if we use a wrapper service that encrypts the private data? Maybe Anchor could encrypt it with the private key.

[mgravitt]

Just FYI, Ceramic.network is releasing a tutorial this week on how to integrate additional blockchains into their product, which seems like an interesting fit for what we are trying to accomplish

[mgravitt]

https://discord.com/channels/682786569857662976/682787354523861036/777902346109190154

[leonieherma1]

@lukegravitt I assigned this to you. There is some info about enhancing profile services - maybe not needed anymore after you worked on it already. Could you please take a look and see if there is relevant info for you in there? If not we can close it. Thanks

[lukegravitt]

All of these are still issues... and most are changes that the backend needs to initiate. I'd probably still push for these but these are backend-driven performance and functional issues that need to be driven by a backend dev.