Comments (14)
External audits will be conducted by trusted third parties like @zmanian. We'll want to provide some sort of "seal of trust" or "verification badge" per third-party audit that the validator passes. The validator will be able to paste their unique verification code into their config files, and the Cosmos UI should visually display the seals to delegators. Ideally, we wouldn't want any atom holder to delegate atoms to a non-audited validator.
The trustworthiness of auditors is measured by their track record and domain knowledge in hardware security, availability, and protection against malicious attacks (DDoS etc). We'll definitely want to have several relatively trustable auditors. @zmanian would have more to say about this.
from lunie.
@faboweb yes audits to happen off chain - can be linked in the desciption of a validator if they wish
How is the commission calculated?
See the spec: https://github.com/cosmos/gaia/blob/proposals/spec.md
Validators get to choose their own commission
from lunie.
Peng:
Important validator metrics for delegators to make an informed decision:
- Indicators of validator's external audits
- trustworthiness of the auditor(s)
- indicators of past performance
- validator uptime
- voting history, etc.
from lunie.
@nylira
Do we have information about external audits in the system?
How is the trustworthiness of auditors measured?
from lunie.
Thx for the details :)
from lunie.
very interesting! @faboweb this seems "AC" worthy. a task which has not been accounted for yet.
from lunie.
waiting on @rigelrozanski ...
from lunie.
auditing status of each validator
what is the auditing status?
User is able to see the amount of commission they have earned
This should not need to be stored on chain, the client should be able to record original bond value and calculate what the commission gains on the fly
User is able to view all the validators / User is able to see all the validators he has bonded atoms with
I'm assuming you mean candidates/validators. This can be implemented through full node query but I think ultimately we may need to come up with an alternative solution involving client tracking and off chain 3rd party query for the active lists of all candidates or candidates which a delegator has bonded too
from lunie.
@faboweb Also thanks for pinging me - I would have liked to be pinged in this one right from the get go!
from lunie.
Thx goes to jordan I think. Thx for the clarification and feedback, we will try in the future to involve/ping people involved from the start.
what is the auditing status?
By @GaMarin:
I guess validators could pay independent firms to make an audit of their setup. We should not audit anything ourselves
By @nylira: #24 (comment)
calculate what the commission gains are on the fly
How is the commission calculated?
off chain 3rd party query for the active lists of all candidates or candidates which a delegator has bonded too
Let's consider this. I have the feeling that not being able to see where you (as a user of the light client) have bond is a bad idea.
from lunie.
Let's assume for now that the audit status is self-provided by the validator and is reflected by a link to an off-chain resource.
from lunie.
When there are screenshots/mocks of delegation UI could someone post them to the issue?
from lunie.
@zmanian will do!
from lunie.
Open subtasks splittet out: #132 #133 #134 #135
from lunie.
Related Issues (20)
- CVE-2021-27515 (Medium) detected in url-parse-1.4.7.tgz HOT 1
- CVE-2018-19797 (Medium) detected in node-sass-4.14.1.tgz HOT 1
- CVE-2019-6284 (Medium) detected in node-sass-4.14.1.tgz HOT 1
- CVE-2019-6286 (Medium) detected in node-sass-4.14.1.tgz HOT 1
- CVE-2018-20821 (Medium) detected in node-sass-4.14.1.tgz HOT 1
- CVE-2019-6283 (Medium) detected in node-sass-4.14.1.tgz HOT 1
- CVE-2021-28092 (High) detected in is-svg-3.0.0.tgz HOT 1
- CVE-2021-29060 (High) detected in color-string-1.5.3.tgz HOT 1
- WS-2020-0091 (High) detected in http-proxy-1.17.0.tgz HOT 1
- CVE-2020-7608 (Medium) detected in yargs-parser-11.1.1.tgz HOT 1
- CVE-2018-20190 (Medium) detected in node-sass-4.14.1.tgz HOT 1
- CVE-2020-15168 (Medium) detected in node-fetch-2.6.0.tgz HOT 1
- CVE-2020-15366 (Medium) detected in ajv-4.11.8.tgz, ajv-6.10.2.tgz HOT 1
- WS-2019-0427 (Medium) detected in elliptic-6.5.0.tgz HOT 1
- CVE-2020-36049 (High) detected in socket.io-parser-3.3.0.tgz HOT 1
- WS-2019-0424 (Medium) detected in elliptic-6.5.0.tgz HOT 1
- CVE-2021-23362 (Medium) detected in hosted-git-info-2.8.4.tgz HOT 1
- CVE-2021-23364 (Medium) detected in browserslist-4.6.6.tgz, browserslist-4.16.3.tgz HOT 1
- CVE-2021-23368 (Medium) detected in multiple libraries HOT 1
- No binaries
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lunie.