Update 8 February, 2024

Thanks, thought so. Just making sure it wasn’t some signed message.

Is this via a web page or on Safe network via the client? Just wondering if people might be concerned putting their paper wallet’s private key onto a web page.

5 Likes

It’s via the safe cli. Could easily be done as a standalone app, or a tauri gui, or a webpage, but for now the focus is keeping everything in one place (the cli)

7 Likes

Would a signed message not be a viable proof of access to the private key?

I know I’d prefer to that option as it seems more secure, but not a big priority for testnets etc.

I think with the private key being used with the Safe network (I assume in the client in your PC) it should be safer than say using omniwallet to do the signing. How many people have a program on their computer to do the signing?

1 Like

I fortunately have some omni maid of negligible value at an address I will happily use.

There was a point where everything was in paper wallets and I would have been very reluctantly to use those keys for testing.

I wonder how many people are in that boat.

Whats happening with eMAID.

3 Likes

:raising_hand_man:t3:

I will be like a pair of knickers in the next tests always on the bum :joy:

Most will understand there’s a risk of exposing the secret/private key, and some may even bother to mitigate this! [Looks at @Josh]

I do think we should be extra careful here to minimise the risk of keys being exposed or stolen.

How? Warnings and suggested measures such as:

  • a) in prep for this (eg moving X coins to an address you should trus as at risk, with some guide as to how many coins need to be at the address/and maybe a suggested maximum).
  • b) how to manage the key safely to balance convenience with security. Maybe this can be helped by embedding in a sudo only script or something, but I’m out of my depth now.

I do expect this will have been thought through but worth saying even so.

Looking forward to this next step @mav. Seems like test networks have learned to walk and are about to run!

6 Likes

Hitbtc is still there for a few omni maid. Idk what the cost to send omni maid is now but it was at un-bumable levels a while back I think (hazy)

3 Likes

I can’t use hitbtc the uk is now blocked, not sure if it will work using a vpn though?

1 Like

Oh didn’t know that (maybe I remember @Southside saying so), Ian mentioned fees are down so probably better than I remember when ordinals were a craze.

What about Changelly?

If it is not going to cost a dinner out to send a handful of MAID, I got you.

2 Likes

And I think that while it is good to test that this process works, it would be better to limit the available test SNT with some other methods in the future.

While some of us are able and willing to get test tokens based on their MAID holdings, I think we need more testnets with wide userbase. Redeeming with MAID is going to work against that.

3 Likes

You think it will cause less participation?

If so why? Surely anyone who asks for some SNT in a test will get some from someone. It will just no longer be a case of uploading everything and anything and then some.

3 Likes

Basically I just think that any friction is going to cause less participation than would be without that friction. Especially for any new testers.

But this is just my speculation and doesn’t matter at all at this point. I am not against trying to do it this way now.

But on a slightly different topic, I do think that it might be good to start to think more about what kind of testing we need before launch. For example, are we able as a community to provide enough nodes and testers to have testnets, that are large and varied enough?

2 Likes

I wonder how many people participate without posting here and is it possible to know.

This last net filled up super fast, was that the handful of people that post here, if so I think it makes my point of limiting free tokens.

3 Likes

Getting tokens only on request would work to that direction.

2 Likes

File under: Just a Thought

Given that we ( the testnetters) will likely be working with a finite no of tokens, should we look to define a standard set of tests to be run by everyone in the first instance?
Perhaps something like

time safe files upload -p begblag.mp3
time safe files download begblag.mp3
safe register create myregister
safe register edit myregister "Some text"

This way - with proper reporting - we have structured data points for the devs to analyse and we get a quick overview of what the general performance and problems are.

Following that then we can all go do our own thing, wallet balance permitting…

5 Likes

That is a good idea.

Personally I think I would take part to only a very little into that kind of thing, because my router does not allow so much traffic without killing our home LAN. That’s how I got the idea of doing my own little test on the last testnet.

So, on top of systematic testing, I would like to just get the system exposed to all sorts of “How about this random twist?” -type of testing. And I think that would happen much more with just more folks testing.

And on top of that, I’d like to have some sort of plan by some professionals (our team) about what kind of testing is really needed before this new backbone of mankind’s data is released for general public to use and rely on.

For now I have been very impressed by all the measurements, graphs etc. our community members have been presenting. When looking at something, it seems to me that they are able to see quite well what is in there. But what are the things we should be looking at? There are maybe some theories and calculations we could try to prove, or prove wrong? Or… I don’t know what, but I think there will be more aspects that needs testing.

2 Likes

Yes it would be a viable proof of access.

One of the main design aspects for the distribution of the faucet is keeping it isolated from clients. It doesn’t transfer directly from the faucet to the client. It doesn’t depend on client events or input to work properly. It distributes, then lets clients do what they want. The signature method slightly violates this because it needs the client to submit a signature + wallet address.

I quite like the idea to sign a safe wallet address. The faucet would distribute at the start to all the signed addresses it has. This lets people use the signed message as their ‘auth’ to the faucet, instead of needing the maid secret key to decrypt each time to receive.

Another consideration here is being able to distribute as much as possible from the faucet before the network is announced, which reduces how much undistributed funds the faucet is holding. This can already be done for quite a few addresses (about 1200 of 16K) because we already have their public key on the bitcoin blockchain. If we depend on a signed message there are currently 0 addresses we could distribute to. Over time that would improve as people participate in testnets. There’s something nice about the faucet inputs only being from omni (balances, addresses, public keys), and not needing any bls inputs.

This is true, but we can easily provide a signing mechanism in the cli or as a standalone app, it’s very simple to write. The nice thing about using a signed bls address to claim vs the maid secret key to claim is the signature can safely be stored for reuse, but the secret key must be stored securely and each reuse is another chance of risk.

It’s worth pointing out we’re being very considerate of security for maid secrets (rightly so!) but we also need to be very considerate of safe wallet keys, which are currently not secure in any way at all. If we want to go down the path of submitting a signed safe wallet address then we need to make sure the key for that address is as secure as the maid.

It will continue to trade. My guess is eventually a bridge or burn will be set up to allow emaid to be converted to and fro snt. There will be some solution to converting emaid to snt by the time of launch, but for testnets the focus is on omni because it’s stagnant and has the vast majority of funds.

Hmmmm. I hope so. But a part of me feels this will reduce participation instead of increase it because of the extra steps.

The faucet will continue to give tokens away for free like it currently does, but with a much lower amount. Recent testnets have been about 0.002 snt per gb for uploading (can anyone confirm?) so giving 100 away is overkill for trying the network out.

Hopefully it stokes community exchange and gets wallets and txs used more regularly.

4 Likes

Thats cool, cos with advice from @josh, @chriso and others, I think a small but effective set of tests could get defined.
Apply for some tokens, download the test suite, run it and report.
no reprot, no tokens for you next time…
The whole thing could get done fairly quickly and with predictable minimal bandwidth, Meanwhile the devs get back structured test data with minimal variables to take into account.

anyhow I am for an early night, to try beat this lurgi -discuss amongst yourselves what minimal set of tests should be run by all testnetters to get max dev value for min testnetter effort --and how the results should be collected. Maybe we should all do as @Toivo did and change one pixel in an image - I like that :slight_smile:

3 Likes

Like it currently does confuses me. If you can hit the faucet up an unlimited amount of times we may as well continue to dish out 100.

The amount you receive in that case is irrelevant right?

3 Likes