ð
Original date posted:2021-10-01
ð Original message:Due to the uneven reputation factor of various devs, and uneven review
attention for new pull requests, this exercise would work best as a
secret sortition.
Sortition would encourage everyone to always be on their toes rather
than only when dealing with new github accounts or declared Red Team
devs. The ceremonial aspects would encourage more devs to participate
without harming their reputation.
https://en.wikipedia.org/wiki/Sortition
https://en.wikipedia.org/wiki/Red_team
The scheme should include public precommitments collected at
ceremonial intervals.
where:
hash1 /* sortition ticket */ = double-sha256(secret)
hash2 /* public precommitment */ = double-sha256(hash1)
The random oracle could be block hashes. They could be matched to
hash1, the sortition ticket. A red-team-concurrency difficulty
parameter could control how many least-significant bits must match to
be secretly selected. The difficulty parameter could be a matter of
group consensus at the ceremonial intervals, based on a group decision
on how much positive effect the Red Team exercise is providing.
Upon assignment, the dev would have community approval to
opportunistically insert a security flaw; which, when either caught,
merged, or on timeout, they would reveal along with the sortition
ticket that hashes to their public precommitment.
Sortition Precommitment Day might be once or twice a year.
Ryan Grant [ARCHIVE] /
npub19aâŠ6mwcl
2023-06-07 22:59:45
in reply to nevent1qâŠvm7f
Author Public Key
npub19a2m7qm80t7mzhgqfgunswhm5c3q4fkqt89057ugy7u8jdxncf2q06mwclPublished at
2023-06-07 22:59:45Event JSON
{
"id": "492d509508e6c6d20268bcdcd92d7e4d1bb15ea00a64dbf568b047ebff6fb252",
"pubkey": "2f55bf03677afdb15d004a39383afba6220aa6c059cafa7b8827b87934d3c254",
"created_at": 1686178785,
"kind": 1,
"tags": [
[
"e",
"739a040d0d2bf0c2af283f4c1b43b23cd92d356b601102d566ddc7f107759b95",
"",
"root"
],
[
"e",
"711c265933221eca1f0515acf1c1c3695297fcb75f2ed0370ccaaa47fffbb0e1",
"",
"reply"
],
[
"p",
"339a4dd213c9ce6fb7143bcbd13868ec03a78b2af67b0465c7cf83164bc01fa1"
]
],
"content": "ð
Original date posted:2021-10-01\nð Original message:Due to the uneven reputation factor of various devs, and uneven review\nattention for new pull requests, this exercise would work best as a\nsecret sortition.\n\nSortition would encourage everyone to always be on their toes rather\nthan only when dealing with new github accounts or declared Red Team\ndevs. The ceremonial aspects would encourage more devs to participate\nwithout harming their reputation.\n\n https://en.wikipedia.org/wiki/Sortition\n https://en.wikipedia.org/wiki/Red_team\n\nThe scheme should include public precommitments collected at\nceremonial intervals.\n\nwhere:\n hash1 /* sortition ticket */ = double-sha256(secret)\n hash2 /* public precommitment */ = double-sha256(hash1)\n\nThe random oracle could be block hashes. They could be matched to\nhash1, the sortition ticket. A red-team-concurrency difficulty\nparameter could control how many least-significant bits must match to\nbe secretly selected. The difficulty parameter could be a matter of\ngroup consensus at the ceremonial intervals, based on a group decision\non how much positive effect the Red Team exercise is providing.\n\nUpon assignment, the dev would have community approval to\nopportunistically insert a security flaw; which, when either caught,\nmerged, or on timeout, they would reveal along with the sortition\nticket that hashes to their public precommitment.\n\nSortition Precommitment Day might be once or twice a year.",
"sig": "739a85301487364c8e53eb0900cb4965e1ffd0643904e768c65bb3db1500050b46d22c34003d65c7d4683f062664245791afcfc6fcce65c4688d8d2dad5169ed"
}