teamforus / research

Shared learning of decentralized development.
https://forus.io
The Unlicense
27 stars 5 forks source link

Make results of feasibility research visible #103

Open jamalv opened 6 years ago

jamalv commented 6 years ago

For SBIR it is important that we make the results visible. This can be done with some screenshots / a video demo or better yet, an easy way to deploy locally (e.g. docker).

It is mainly about the following repos: https://github.com/teamforus/rd-ethereum-wallet/ https://github.com/teamforus/rd-ethereum-platform

For the end report, screenshots are the minimum deliverable. A minimum for this should be there before: 9th of November

martijndoornik commented 6 years ago

Alright, a story will follow regarding the platform website. Note: the site is Dutch for demonstration reasons.

The first time a user will open the platform Forus website, the user will not have any accounts. It can add its account by pressing the "Account toevoegen" button. This will pop up a QR code the user can scan with its Identity app. The site will now listen for a Whisper message with a Whisper public key added in the QR. A Whisper private key is not the same as an Ethereum private key and will be generated each time the user opens the website. This is not a cookie or added as user data, but remains in the Javascript memory of the site.

home-no-login

The use of Whisper is needed so that the identity application can communicate with the web interface. In this case, the identity application will tell the display name and Ethereum public key of the identity. These are then added to the website cookie storage and will be used as a form of web session.

The name of the currently active identity is visible at the top right of the screen. In case of the following screenshots, these will be named identical to the role the user has (Sponsor, Requester or Supplier), but in the real world, this could be "Martijn" as a person, or for example "QNH" for a organisational identity.

So first the sponsor. The sponsor can click the "Ik wil sponsor worden" button. This will load a page in which the user can create a token. Note that any user can become a sponsor this way. This will deploy an ERC20 contract to the Ethereum network.

create-token

When the user presses "Aanmaken", a QR code popup will appear again. This contains a transaction the user has to sign and send via its identity application. Once again, the QR code will contain a Whisper private key which can be used in the identity app to show that the transaction is sent or done. Note that because the website has no private key of the user, as this will remain locked in the identity application, the private key is never revealed and cannot be 'stolen' in this way.

transaction-qr

After the transaction is done, the voucher will now be available in the website.

new-token-in-overview

However, the token is not yet active. While not active, the sponsor can add required claims (ERC735) to the token (not yet implemented).

new-token-page

When the validation rules are added, the sponsor can activate the token, allowing requesters to request the token and allowing the sponsor to add suppliers to the token.

When active, users that are not the sponsor or a supplier to the token can request the token.

request-token

After a user has requested a token and meets the specified claims, the user has been granted the amount of tokens as stated in the creation of the token (the "Hoeveel krijgt een aanvrager" field in the "Ik wil sponsor worden" page)

On the homepage, every token is listed with a QR-icon on the left of each token. When this icon is clicked, a QR-popup will appear, containing the information the identity application needs to track the token, thus allowing the user to see its balance. The addess of the sponsor is also added, as a requester will not be the owner of the token, but instead follows the "allowance" methods of the ERC20 contract to be able to spend it. *More on this can be found at the bottom of this comment.

After the user added the token to its identity application, it is able to spend the token at the applied and approved suppliers. As a supplier, you can apply to be supplier of a token on the token overview page. By pressing the "Aanmelden" button, the want-to-be supplier can sign and send a transaction via QR-code, which in turn triggers an event in the ERC20 contract of the token, allowing it to be visible in the list of "Leveranciersaanvragen" (not yet implemented)

token-page

The sponsor can see this list, and can decide to add the applied suppliers address to the list of approved suppliers. The requesters can spend their allowed tokens at that supplier now and further actions are done via the users identity application.

jastam commented 6 years ago

Wallet app

Create key When a user opens the app for the first time he will either have to create an new private key or import an existing one by scanning a QR code. This adds the private key to the app so it can be used for signing transactions on the Ethereum network.

keys

Create identity The next step will be to create a new identity. This is an ERC725/ERC735 identity which is created on an Ethereum blockchain. The app itself only keeps the address of the created identity and the name given to it by the user for easy reference. Also, if the user already has an ERC725 identity, it can be imported into the app by entering or scanning the address of the identity. identities

Sign and execute transaction Once the user has an identity, it can be used to sign transactions. To do this, the user selects the identity he wants to use and also a private key that can be used with the selected identity. Next he scans a QR code containing the transaction and presses the send button to sign the transaction and execute it on the Ethereum network. transaction

Login to website Logging in with an identity looks pretty much the same as signing a transaction. The user first selects an identity and key and then scans a QR code containing the login information from the website. After pressing the login button the app communicates the signed login with the website over the Ethereum whisper protocol.

login

jamalv commented 6 years ago

@nanningdejong has added this to the report.

Thanks for your input @jastam and @martijndoornik

Please add these documents (maybe in an updated form) to the repo's: https://github.com/teamforus/rd-ethereum-wallet/ https://github.com/teamforus/rd-ethereum-platform