Launching Nexus 

Last updated by Tim Delhaes a month ago
 

Summary 

 
For backend, it will take 10 ~ 20 days to complete all tasks, and it may take some days for the penetration test. 
 
2-3 days for the frontend part implementation, once the Credential manager and oAuth support is ready on the backend. A week with testing and some padding.
 
With some padding we can target Oct 3 for the launch.  

Question: When will we have what Nexus features to launch? 

Credential manager 

Finish credential manager.  
 

Backend 

Currently we leak many secrets to the client-side which is only tolerable in testing and must be fixed before launching. Estimated 2 ~ 5h on backend side, then  
 

Update OAuth authorization and API call URL  

@Egor Milyukov and @Jin will need to update OAuth authorization and API call URL to route calls through credential manager and avoid touching any credentials. Implement a more secure sign in process. Currently the Metamask sign in process is not very secure (anyone who knows public key of the user can sign in). We need to improve it to at least verify that user owns the private key in Metamask. Estimated 1 ~ 2h on server-side. Estimated 4-8hrs on frontend side. 
 
We also will need to implement oAuth flow for Nexus users, so our app/api can be properly integrated with Zapier, see my conversation with Zapier app developer: https://inboundlabs.slack.com/archives/C03QY6D2YDT/p1660682917596499 . Estimated 1 ~ 3h on server-side. Estimated 1-3h for frontend.  
 
 

Call smart contract via proxy address  

@Egor Milyukov will need to implement message signing on the front-end. Estimation included above in the “update oAuth” section. 
Implement calling smart contract from unique proxy address for each user. Currently the web3 connector calls smart contract function from a fixed address owned by us, which is obviously not really useful. We will need to implement logic to route the call via a proxy address, which is dynamically generated for each user. This involves some smart contract programming (for routing calls) and I will need to research it, estimated 5 ~ 10h for EVM chains, 4 ~ 8h for Near and 4 ~ 8h for Flow. 
 

Security Review 

Perform general security review on all components and fix any security issues. Estimated 3 ~ 6h. We may also get a security firm to run a penetration test on our infrastructure.
 
 

Question: When will we have the simplest for of Gas Payments to have a bi-directional system? 

Gas Payments 

The simplest form will be user manually transferring some gas token to the proxy address for use by Nexus. This is of course not user-friendly, but requires little to no additional work on our end. 
 
 

Question:  What is missing for the different types of developments (web3 CDS, Blockchain Driver, Web2 Driver, App) to be complete? (we also need this to deliver grants commitments). Starting here. 

Enable developers 

 

W2 Driver and CDS

Web3 CDS

New BlockChain API

Develop App (extension, etc)

Example

100%

100%

100%

80% (missing proper auth flow)

Documented example code

50%

(missing docs)

50%

(missing docs)

50%

(missing docs)

50% (missing docs)

Tutorial

0%

90%

50%

(Needs updating)

0%

Dependency on missing core functions

Credential manager

None

None

Credential manager and oAuth

API features

N/A

N/A

N/A

100% (Create/update/delete workflows)

API documentation

50%

(CDS only)

80%

(Need more explanation on signatures)

0%

(Only example code is available)

80% (auto-generated technical docs, might require fine-tuning)

Design assets

N/A

N/A

N/A

100%

YT Tutorial

0%

0%

0%

0%

 
General introduction to platform 
General introductions to integrations  
 
 
 
 
 
New Budget items 
External Security audit 
Outsource Gas Contract dev 
Gas Smart Contract Audit 
ILDE Developers (CDS + Apps) 
Documentaion  
Refreshed On: Sep 27, 2022 21:34:11 UTC+00:00