GitHub/quartz
1
0
Fork 2
mirror of https://github.com/jackyzha0/quartz.git synced 2026-03-24 15:05:42 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

vault backup: 2022-12-20 15:03:50

Browse Source
This commit is contained in:
Jet Hughes 2022-12-20 15:03:50 +13:00
parent d9cde9fdab
commit 50d3e90cfa
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
content/notes/isolated scenarios.md
View File

@ -23,7 +23,7 @@ Within an existing closed BC with 10 participants. say we wanted to add another
How could a bad actor try to get themselves on the chain? Could they dupe someone else into signing the entry contract on their behalf? Or could they bypass the contract? The genesis block of a new peer (in HL iroha) has to be the exact same as the genesis block of all other peers. Could the genesis block be like a sort of "key to the network. Maybe not because there is not much to stop one of the existing peers sharing the genesis block with third parties. But then even if a someone leaked the genesis block the existing nodes would have to be instructed to start intereacting with the new node. I think the genesis key idea is dumb. We do still have to get the genesis block to the new members though. I think this would just be included as part of a repository for spinning up a node. How could a bad actor try to get themselves on the chain? Could they dupe someone else into signing the entry contract on their behalf? Or could they bypass the contract? The genesis block of a new peer (in HL iroha) has to be the exact same as the genesis block of all other peers. Could the genesis block be like a sort of "key to the network. Maybe not because there is not much to stop one of the existing peers sharing the genesis block with third parties. But then even if a someone leaked the genesis block the existing nodes would have to be instructed to start intereacting with the new node. I think the genesis key idea is dumb. We do still have to get the genesis block to the new members though. I think this would just be included as part of a repository for spinning up a node.
How does a new node request to join the network. Would it be an off-chain application process? Or would they be able to start a node, maybe join a sort of "lobby" network which they use to apply and maybe test their node and maybe some other things. Then once their "application" is accepted, they are allowed in to the main network. Would the lobby network be a sub network within the main network or a totaly separeate network. If it was separate it would have to have its own How does a new node request to join the network. Would it be an off-chain application process? Or would they be able to start a node, maybe join a sort of "lobby" network which they use to apply and maybe test their node and maybe some other things. Then once their "application" is accepted, they are allowed in to the main network. Would the lobby network be a sub network within the main network or a totaly separeate network. If it was separate it would have to have its own nodes for vaildation. Does the lobby even need to be blockchain based? What if an applicant sent an application through a website or some other medium. Then this application gets somehow sent to the main network, and voted on by the existing members. Is this just the idea of having validator nodes separate from other nodes. If we were to have separate validator nodes, this would be a level above the accepted nodes. So: lobby > participants > validators. In the lobby we can also carry out security check on the applications and they can upload required documents to this sub network. I would assume the documents that the application would need to supply at this stage are not confidential and it does not matter if other members of the node can view them (the source not just a promise that they exist). Are there a separate set of "validators" for checking new applications.
# Remove Member # Remove Member
What happens if one participant turned bad and the other wanted to remove them from the group. Ssay we havea grup of 10 participants in a closed blockchain system using a CFT consensus algorithm Then they can be voted out so that their vote is desregarded and so they cant view or access data on the chain. what if they require access to decuments stored on-chain which they dont have local copies of. I guess they wuld have access to a stored copy of the blockchain on their node. But then would this chain be considered valid by oters. they dont store the actual document on the blockchain only a timestamped hash to prove they had that doc at this particular time. participats should keep local copies of documents. Can participants kick out the initiating authority? You would have some mechanism to ensure that they cant be kicked out. firstly there would have to be a vote to kick them out. unless they aren't actually needed. who are the people that look at the documents that are stored on the chain to check them. Some third party collectively employed by the group? the govt? maybe its required for each participant to sometimes go and check if other participants are being truthful. What happens if one participant turned bad and the other wanted to remove them from the group. Ssay we havea grup of 10 participants in a closed blockchain system using a CFT consensus algorithm Then they can be voted out so that their vote is desregarded and so they cant view or access data on the chain. what if they require access to decuments stored on-chain which they dont have local copies of. I guess they wuld have access to a stored copy of the blockchain on their node. But then would this chain be considered valid by oters. they dont store the actual document on the blockchain only a timestamped hash to prove they had that doc at this particular time. participats should keep local copies of documents. Can participants kick out the initiating authority? You would have some mechanism to ensure that they cant be kicked out. firstly there would have to be a vote to kick them out. unless they aren't actually needed. who are the people that look at the documents that are stored on the chain to check them. Some third party collectively employed by the group? the govt? maybe its required for each participant to sometimes go and check if other participants are being truthful.
@ -44,3 +44,6 @@ If someone uploads a document by accident that is sensitive, then the chain hard
# Discovery of Security Vulnerability # Discovery of Security Vulnerability
what if someone found a security vulnerability in the code. would they exploit it? how to change the code. would there be a different process to normal code changes for something critical like this. within the blockchain wallets/accounts are linked to a real world identity. but i guess the person who found the vulnerability could easily (note the "person" is a member of an organisation who has access to the code) tell someone else who is not identifiable and have them exploit the vulnerability. how do organisations decide who has access to the code. if the person does not decide to try to exploit it, they have to bring it to the attention of others or try to fix it themselves. what if someone found a security vulnerability in the code. would they exploit it? how to change the code. would there be a different process to normal code changes for something critical like this. within the blockchain wallets/accounts are linked to a real world identity. but i guess the person who found the vulnerability could easily (note the "person" is a member of an organisation who has access to the code) tell someone else who is not identifiable and have them exploit the vulnerability. how do organisations decide who has access to the code. if the person does not decide to try to exploit it, they have to bring it to the attention of others or try to fix it themselves.
# Proposing Changes/Upgrades to the code or the goverance system