Open in app

Sign in

Write

Sign in

Espresso — September, October Update

Mathew Cormier
4 min readNov 5, 2018

Two months have already passed as we continue our work on the Datastore and Drive app. That brings us to the end of our first milestone and the beginning of a new one. Let’s have a look at what we have accomplished so far.

For those who are not familiar with our project, the Datastore is a distributed storage library based on Aragon and Drive is a Dropbox-like app specifically designed for DAOs. You can learn more about us and our projects here or on our GitHub repositories.

What’s new?

Permission panel redesign and UI standardization

We have completely revamped the user interface for the permission panel. This new panel allows the user to set multiple permissions on multiple entities in one transaction. Not only does this save on overall gas consumption but it is also now easier and more straightforward to add, remove and modify existing permissions. You can view a small demo of the panel here.

A complete review of the UI has also been made to ensure uniformity throughout the app and make sure its design is in line with the official Aragon apps.

100% test coverage

Security is of paramount importance when managing files that may contain sensitive information. And one of the first line of defense to prevent and reduce the risk of attack vectors is to have well structured, documented and fully tested code. This is why one of our goal for this milestone was to achieve 100% test coverage on our smart contracts and we are pleased to announce that we have reached that goal. Next task will be to completely test the javascript code before submitting the apps for an audit.

Groups

Up until now, it was only possible to set read and write access on files for specific entities. i.e:

  • Bob (0x01ac…): Read, Write
  • Alice (0x02b1…): Read only
  • Mike (0x1cf2…): Read, Write
  • Emma (0x3dca…): Read, Write

In this example, Bob, Mike and Emma all share the same permissions on a file. But it turns out that it is fairly common for a group of people to share the same access on multiple files. So we decided to add the possibility to create groups. A group is simply a set of entities that are commonly associated with specific files. They are quite similar to user groups on Unix or Linux.

So instead of always adding the same three people with the same access, we could now create a “BME” group that contains Bob, Mike and Emma and have the following permissions on our file:

  • Alice (0x1cf2…): Read only
  • BME group: Read, Write

ACL integration

Another goal for our first milestone was to leverage the Aragon Control List (ACL) to manage the Datastore permissions. This task actually turned out to be a bit more troublesome than predicted as we faced problems with higher transaction gas cost and increased complexity with existing features. Fortunately, we managed to get a good working implementation that also pushes what the ACL can do and provides a good template for future projects. With all that said, there is still some drawbacks to our ACL implementation and we are still evaluating what is the best option in order to achieve optimal user experience. More on this in the near future.

File Encryption

A file storage service wouldn’t be complete without having the possibility to store files privately. While it may at first seem like a trivial task to implement, the intrinsic public nature of the blockchain makes it impossible to securely store private information on it. But with the help of an off-chain privacy provider and a robust encryption layer, we are nevertheless confident to be able to offer this feature to our users. And the first step in that direction has been completed. The Datastore has now an option to encrypt files before storing them. The currently supported algorithm is AES with 128bit or 256bit keys.

Other tasks

We also worked on the following tasks:

  • Refactor the code into libraries
  • Implement a Checkbox component
  • Renaming the projects
  • Add a linter
  • Coveralls integration
  • Fix the file type icon bug
  • Public file checkbox
  • Update to AragonOS 4.0 and Solidity 0.4.24

Transparency Report

In order to improve our transparency and to give more details about how we are spending the funds allocated to the team, we have set an internal goal of deploying a transparency page before the end of November 2018.

As for the months of September and October, we have spent 70 ETH on salaries.

What’s Next?

For the next sprint, the team will focus on optimizing our smart contracts. The limitations in Solidity are quite restrictive and we still have a lot of features to add, so we need to reduce our bytecode considerably and make sure it costs as less gas as possible to execute an action in the app. We will also start testing Keep as well as other decentralized privacy layers like Enigma.

Ethereum
Aragon

--

--

Mathew Cormier

Written by Mathew Cormier

8 Followers

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams