IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-12 15:25:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
gradido/docu
History
Claus-Peter Hübner 5739a77348 Merge remote-tracking branch 'origin/master' into 2882-feature-distingue-communities-and-communities_federation-in-database
2023-04-19 23:06:32 +02:00
..
Concepts
Merge remote-tracking branch 'origin/master' into 2882-feature-distingue-communities-and-communities_federation-in-database
2023-04-19 23:06:32 +02:00
graphics
first draft after meeting
2022-10-18 23:55:22 +02:00
Locales
add dutch and frence
2022-08-16 11:54:11 +02:00
other
add analysis of elopage and concept proposal
2022-05-20 12:30:46 +02:00
presentation
gradido as platform drawio
2022-04-06 12:57:26 +02:00
ReleasePlaning
first draft of releaseplan
2022-01-27 02:34:06 +01:00
Style/Images
Add files via upload
2022-05-25 15:06:31 +02:00
Templates/Templat-Overview-16-12-2021
new folder 'Template' in '/docu'
2021-12-30 13:59:36 +01:00
community-server.api.md
update doc
2021-08-05 12:12:50 +00:00
create-coins-as-admin.md
Change the documentation of the coin creation to the new admin interface.
2022-02-02 15:03:18 +01:00
gradido_architecture.md
included existing docu
2021-04-16 22:08:51 +02:00
Gradido-Admin.epgz
Merge branch 'master' into setup-tests-for-resolvers
2021-11-03 23:19:40 +01:00
login_server.api.md
update doc
2021-10-12 14:22:19 +02:00
menu-struktur.pdf
docu frontend menu page structur
2021-04-08 16:10:30 +02:00
Neue_User_einladenl.txt
Some docu files not yet in the repo
2021-08-22 13:40:11 +02:00
onboarding_process.md
udate
2021-11-30 19:39:01 +01:00
README.md
included existing docu
2021-04-16 22:08:51 +02:00
RoadMap_2022-2023.md
kleine Änderungen u Ergänzungen
2022-10-25 22:27:30 +02:00
userstorry_button.txt
change
2021-04-08 16:01:44 +02:00
userstory.feature.template
Some docu files not yet in the repo
2021-08-22 13:40:11 +02:00

README.md

Gradido Documentation

APIs

The API Documentation is separated by which server answers them. Either the community server or login server. Therefore the documentation is split into two parts accordingly.

Process - Reset password

  1. Send user email with email verification code: Send E-Mails
  2. Login via emailVerificationCode: Login by Email Verification Code
  3. change password: Update user data

Graphics

The following Graphics try to show certain mechanics, principles and structures of the gradido project

Cookie mechanic

Software structure transition

An Idea of how to transform the Software structure step by step to keep it working, while transitioning to a more modern and strict structure. The basic Idea is to create a unified API to communicate with the outside world, while the existing services are hidden behind it. Furthermore the community server is under consideration to be absorbed by this new unified API Interface. This would remove PHP as language from the project, unify the API and separate front from backend.

In the long run (shown as the last section in the graphic) it could be wise to fully decentralize the login server completely.

Old or outdated stuff

Graphics get outdated - this section is the graveyard for those.

Software release plan stage0-3

In the past a waterfall-like development method was used which resulted in multiple big branches not yet compatible. This graphic shows how and in which order those branches o existing code could be integrated.

We quickly managed to go from stage0 to stage1. stage2 and stage3 will be one step now, if we can reuse this code.

Frontend authentication idea

Some ideas of regarding fixing the broken authentication

Repo structure

One upon a time the repository was split into multiple parts. This compartimalisation resulted in some inefficiencies which were resolved by merging (most of) them into a mono repository. The following graphic was made to explain the idea and plan the "mono-repoisation"

Questions

why distributed system for gradidos? is it needed to add this type of complexity?

  • ensuring uptime
  • data is not stored in single place, no single point of failure
  • even if most important nodes are hacked, we still have a replayable gradido blockchains, which can be migrated to another cluster

main ideas for gradido distributed system

  • system would rely on existence of honest / incorrupted nodes in the network
  • consists of nodes (not gradido nodes, but universal ones)
  • using blockchains to store data
  • generally open and transparent, with few exceptions (monitoring health, last-resort backup creation)
  • single topology blockchain for a cluster; TB contains at least:
    • list of all nodes in the cluster along with their types
    • updates to states of nodes (active, banned, etc.)
  • not all nodes can write to all blockchains
  • distributed system consists of nodes, each having at least:
    • type
    • signature key
    • copy of TB
  • read sequence: sending same request to random many nodes, receiving answer, reporting other nodes to management in case of discrepancies, which could lead to node ban
  • write sequence: transaction goes to ordering service, receives consensus sequence id, is sent to listener nodes, is written to blockchain replicas

proposed nodes

  • management node
    • adding new nodes to network on request, banning nodes
    • should be maintained by us for our cluster
  • ordering node
    • orders requests just like Hedera; can use Hedera (at least initially)
  • login server node
  • gradido blockchain node
  • gradido blockchain backup node
  • relay node: to anonymize blockchain read requests (for better cluster health)
  • community server is not a node; it stands out from distributed network and accesses cluster via login server

example sequences

  • user actions
    • browse groups
      • community server addresses login server; login server has TB; it asks for data, reporting invalid nodes in the process; result is returned to community server and presented
      • required signatures: community server
    • create group
      • community server -> login server node -> management node (as it has to write to TB)
      • required signatures: community server, login server node, management node
    • join group
      • by invitation: applies for invitation via email, gets link to URL (hosted by community server), clicks it, login server node gets notification
      • required signatures: community server, login server node
    • do work
      • hours worked could be stored on community server, as necessary
    • receive gradidos
      • sent by group leader; they cannot exceed amount set in rules
    • cross group transfer
      • sender@sender-group issues request via community server, mentioning recipient@recipient-group in it; sender's login server receives it, adds outbound transfer on sender-group blockchain, notifies login server of receiver-group (found by looking up in TB); inbound transfer is added to recipient-group's blockchain by login server #2
      • required signatures: community server, both login servers

how it comes together with model we have

  • user id would not be his email but username@gradido-group-name
  • gradido node server would keep:
    • gradido group blockchains, which are associated with its login server (then it would be primary gradido node for particular gradido group)
    • other blockchains - such as those which are necessary often, or needed to support network with backups (then it would be support gradido node for particular group)
  • when reading blockchain data from a gradido node, random nodes are picked from each of the three buckets:
    • primary gradido nodes
    • support gradido nodes
    • trusted gradido nodes: maintained by us
  • growing of the cluster
    • we could maintain some basic infrastructure to which it would be possible to add new nodes by other players
      • existing login servers could be reused, for example; this way groups could be set up quickly

known weaknesses

  • hedera and flood
    • cannot deny write access
  • if blockchain is public, then a participant can find out public key of its recent partner in transfer
    • maybe that can be classified with time; but if we use Hedera, all data is public

development

  • it is possible to have basic version quickly
    • only one way of joining a gradido group: by invitation
    • only one type of gradido group: dictatorship (single person makes decisions)
  • prototyping
    • demo in Erlang
  • within this model it is possible to ensure fault tolerance, resilience against flooding, resilience against timeout attacks, rollbacks, migration procedures; we can focus on main features in the beginning

other

  • each node could have credibility rating, built over time
  • if gradido node gets corrupted, login server node may get ban as well
  • all requests are signed by issuing node's private key; those can be used as evidence to track down source of hacker activity
  • consider the model described in this file as an "umbrella" for existing ideas of community server, login server, node server
  • possibility to have gradido organization badge for identified groups / individuals
  • user migration from group to group may involve two login servers
  • login server is actually a group of replicas
  • anyone can create a gradido cluster for his own needs; it is not mandatory to join our cluster
  • good practice would be to store memo along with gradido creations, always
  • gradido groups could have ratings
  • only management nodes can write to TB
  • only login server nodes may write to their primary group blockchains
  • clusters could be merged (gradido blockchains would migrate along with gradido nodes / login servers)
  • management nodes are considered primary nodes for TB
  • different programming languages could be used to implement various types of nodes, to improve safety and security
  • most of nodes are simple by themselves, easy to make
  • transaction ids are generated on sender's side