Launching Nexus
Summary
For backend, it will take 10 ~ 20 days to complete all tasks, and it may take some days for the penetration test.
2-3 days for the frontend part implementation, once the Credential manager and oAuth support is ready on the backend. A week with testing and some padding.
With some padding we can target Oct 3 for the launch.
2-3 days for the frontend part implementation, once the Credential manager and oAuth support is ready on the backend. A week with testing and some padding.
With some padding we can target Oct 3 for the launch.
Question: When will we have what Nexus features to launch?
Credential manager
Finish credential manager.
Backend
Currently we leak many secrets to the client-side which is only tolerable in testing and must be fixed before launching. Estimated 2 ~ 5h on backend side, then
Update OAuth authorization and API call URL
@Egor Milyukov and @Jin will need to update OAuth authorization and API call URL to route calls through credential manager and avoid touching any credentials. Implement a more secure sign in process. Currently the Metamask sign in process is not very secure (anyone who knows public key of the user can sign in). We need to improve it to at least verify that user owns the private key in Metamask. Estimated 1 ~ 2h on server-side. Estimated 4-8hrs on frontend side.
We also will need to implement oAuth flow for Nexus users, so our app/api can be properly integrated with Zapier, see my conversation with Zapier app developer: https://inboundlabs.slack.com/archives/C03QY6D2YDT/p1660682917596499 . Estimated 1 ~ 3h on server-side. Estimated 1-3h for frontend.
Call smart contract via proxy address
@Egor Milyukov will need to implement message signing on the front-end. Estimation included above in the “update oAuth” section.
Implement calling smart contract from unique proxy address for each user. Currently the web3 connector calls smart contract function from a fixed address owned by us, which is obviously not really useful. We will need to implement logic to route the call via a proxy address, which is dynamically generated for each user. This involves some smart contract programming (for routing calls) and I will need to research it, estimated 5 ~ 10h for EVM chains, 4 ~ 8h for Near and 4 ~ 8h for Flow.
Security Review
Perform general security review on all components and fix any security issues. Estimated 3 ~ 6h. We may also get a security firm to run a penetration test on our infrastructure.
Question: When will we have the simplest for of Gas Payments to have a bi-directional system?
Gas Payments
The simplest form will be user manually transferring some gas token to the proxy address for use by Nexus. This is of course not user-friendly, but requires little to no additional work on our end.
Question: What is missing for the different types of developments (web3 CDS, Blockchain Driver, Web2 Driver, App) to be complete? (we also need this to deliver grants commitments). Starting here.
Enable developers
W2 Driver and CDS | Web3 CDS | New BlockChain API | Develop App (extension, etc) | |
Example | 80% (missing proper auth flow) | |||
Documented example code | 50% (missing docs) | 50% (missing docs) | 50% (missing docs) | 50% (missing docs) |
Tutorial | 0% | (Needs updating) | 0% | |
Dependency on missing core functions | Credential manager | None | None | Credential manager and oAuth |
API features | N/A | N/A | N/A | 100% (Create/update/delete workflows) |
API documentation | 50% (CDS only) | (Need more explanation on signatures) | 0% (Only example code is available) | 80% (auto-generated technical docs, might require fine-tuning) |
Design assets | N/A | N/A | N/A | 100% |
YT Tutorial | 0% | 0% | 0% | 0% |
General introduction to platform
New Budget items