threefoldtech / home

Starting point for the threefoldtech organization
https://threefold.io
Apache License 2.0

TF Grid Cooperative Identity Management #1502

Open xmonader opened 9 months ago

xmonader commented 9 months ago

User Story: Identity Management for TF Grid Cooperative Members

Background: Enhance security on the TF Grid by implementing a secure identity verification system for TF Grid Cooperative members.

Check the forum post for more details

Acceptance Criteria:

  1. Membership Requirement:

    • Users must join the TF Grid Cooperative to access the ThreeFold Grid.
    • Communication channels include email notifications and in-platform alerts.
  2. Monthly Fee:

    • A flat monthly fee of 10 USD for cooperative members.
    • Discount structures for contributors, students, and existing farmers.
  3. Identity Management System:

    • Implement a custom identity management system with multi-factor authentication (SMS, Email, Matrix Chat Addr).
    • Store essential user information in profiles.
  4. Verification Process:

    • Verify users through SMS, Email, and Matrix Chat Addr.
    • Provide clear documentation with step-by-step guides.
  5. Compliance with Authorities:

    • Comply with legal requirements for domain names and farmer verification.
    • Integrate a legal compliance module for tracking and responding to legal requests.
  6. Communication Strategy:

    • Announce the new requirement to members.
    • Provide regular updates during the grace period.
    • Use in-platform messages to guide users through verification.
  7. Documentation:

    • Develop comprehensive documentation on the purpose and features of the identity management system.
    • Include FAQs and troubleshooting guides.
  8. Testing:

    • Conduct unit and integration tests for the identity management system.
    • Perform user acceptance testing in a dedicated environment.
  9. Rollout Plan:

    • Initiate a phased rollout to beta users for feedback.
    • Gradually expand to all TF Grid Cooperative members.
    • Provide support channels with live chat and a dedicated helpdesk.

Definition of Done:

sameh-farouk commented 9 months ago

I'm trying to wrap my head around this model. I'd appreciate it if you can provide answers to these questions.

Q1. Is this intended for anyone who needs to deploy something on the TF Grid or for farmers only?

Q2. Is it opt-in or mandatory?

Q3. How does this affect current farmers/users and new farmers/users regarding the operations they can do if they are not part of a cooperative? For example:

Q5. As a user (who already pays for my workloads) or farmer (who contributes my computing capacity to the grid), why would I pay a monthly fee? Is there any incentive for being part of a cooperative?

Q6. Who would manage this data (threefold?), and who can grant access to it?

Q7. Will farmers know (or can they know) the personal info of the owners of the workloads they host? If not, then how can this improve the situation when a farmer is reached by an authority and asked about one of the workloads hosted on his farm (as mentioned in our recent blog post)?

One note: it should be obvious, but can we add to the requirements that the identity management system and the whole cooperative model should be designed with the privacy of grid users in mind?

xmonader commented 9 months ago

I forgot to add a link for the forum post https://forum.threefold.io/t/december-22-2023-update-from-the-team/4170

Q1. Is this intended for anyone who needs to deploy something on the TF Grid or for farmers only?

All users, including regular users and farmers, will be part of a cooperative.

Q2. Is it opt-in or mandatory?

Participation is mandatory.

Q3. How does this affect current farmers/users and new farmers/users regarding the operations they can do if they are not part of a cooperative? For example:

Can current users who are not part of a cooperative still use our platforms/tools to deploy their workloads?

They won't be able to deploy any workloads without identification.

Can current nodes owned by farmers who are not part of a cooperative still get listed as available capacity to deploy on? Are rewards affected?

I'm not sure about those not in the cooperative. Cooperative membership will be responsible for the rewards.

Can new users register new accounts/capacity on the grid and start interacting with our tools without being part of a cooperative?

Their account needs verification by a Cooperative.

Q5. As a user (who already pays for my workloads) or farmer (who contributes my computing capacity to the grid), why would I pay a monthly fee? Is there any incentive for being part of a cooperative?

You missed Q4 :D For farmers, there are benefits to be part of a cooperative, such as increasing capacity utilization (and it's the only way to get tokens as minting will stop). For users, having some fees reduces the chances of platform abuse (discounts are planned, as mentioned in the forum post).

And for the user, having some sort of fee reduces the chances of platform abuse (there are discounts planned, as mentioned in the forum post).

Q6. Who would manage this data (threefold?), and who can grant access to it?

Each cooperative is responsible for the collected data and must comply with GDPR.

Q7. Will farmers know (or can they know) the personal info of the owners of the workloads they host? If not, then how can this improve the situation when a farmer is reached by an authority and asked about one of the workloads hosted on his farm (as mentioned in our recent blog post)?

The Cooperative the farmer is part of will decide whether to provide data to authorities.

Some other concerns:

xmonader commented 9 months ago

Update:

Apparently, what @despiegk thinks is that the verification needs to be separate from the user data that is being collected by a cooperative.

There should be many verifiers that can flag a twin as "verified", and the cooperative is free to choose which verifier to use, with the note that the verifier can verify through SMS, email, etc.