josepablofm78
commented
3 years ago Organization Notary
Currently, a notary is associated with a single address that belongs to a certain individual, who will handle all the requests from the clients.
So if an organization wants to act as a Notary, a single person will have all the responsibilities associated with the role of a notary, with the limitations and risks that this implies.
To address this situation, it would be necessary that the verify flow and the frontend app support the use of a multisig address, where multiple individuals could sign messages on behalf of the organization represented by this multisig.
Multisig setup
The setup will be similar to the configuration proposed for the automated services:
Create multisig with threshold=1. Add the individual addresses as signers in the multisig (More addresses could be added later) The multisig address is used in the Notary request and it will get the datacap When an individual propose a new verified client using an address that is a signer in the multisig, the tx will be approve automatically Each organization will be responsible for setting this multisig correctly
Frontend
It will be necessary to adopt some changes in order to support a multisig Notary
The individual who accesses the app needs a way to indicate he/she represents an organization that uses a multisig address. For this, the “Log in as Notary” modal could have two tabs, the existing one for individuals, and a new one, for organizations, where the person can introduce the address of the multisig When the user clicks the “Load Ledger Wallet” button, the app checks that the multisig address exists and it’s a notary, and looks in the wallet of the user for an address that is a signer in the multisig A slight visual change in the Notary View. The Approved Notary Id shown by default will be the address of the wallet that is a signer of the multisig. Besides of the wallet drop down, the app will show the multisig address with the remained datacap The rest of the Notary View will look the same, and the flows and the operatives will be the same too. Under the hood all the verify actions will send a proposal to the multisig address instead of sending a message to the verify actor
Github integration
We need a mechanism that allows the users to request datacap to the organization using the onboarding flow, and also that allows the individuals of the organization to get and work with this issues in the Notary View
First and simple option would be to use a generic github user and distribute the password to all the individuals. So all of them will use the same user to sign in and therefore to read and write into the issue.
Second option, and it would need some research to see if it is possible, would be to use a github organization setting the proper permissions for the individuals to be able to read issues assigned to the organization and post the comments and labels to update the status of the request.
In case we wanted an Organization Notary that did not depend on one person, but used a multisig account that allows multiple individuals to verified clients on behalf the Org Notary, we need to (re)design the flows and the frontend app to allow to use an address to send a propose of a new tx to the org multisig