This is the last week of my funding on Moderator Tools for PubHubs. It has been a pleasure working with the PubHubs team. The time seems to go quickly.
Over the last few weeks I have been documenting everything about the Moderator Tools for PubHubs project on my dedicated web site, https://www.ph.trax.im/.
To summarise, these are the main work areas in this project, linking to their web site sections:
Under Moderation, there are subsections for the main work areas of the project: Draupnir+Pantalaimon, Disclosure of Identity Attributes, and Civilised Discourse.
That last area is the one I am currently working on.
A moderator asks someone to disclose an attribute of their real identity. The recipient provide the requested attribute, using Yivi to attach a cryptographic proof.
In the last update I introduced a demo of attribute disclosure. I have since completed the main TODO there, making the disclosure flow happen on the recipient's account. (In the first demo the moderator's role and the recipient's role both took place in the same login session in the same account.)
This week I have been thinking about how we will need to improve the user experience, or flow, of this disclosure request and response.
Writing the dialogue boxes and associated logic by hand was tedious and buggy. Rapid prototyping would be helpful. I decided it's time for me to learn a better way. Being new to UI design and fervently open-source principled, I searched for a FOSS solution and found Quant-UX.
This month I have been building a PubHubs-specific feature, the ability for a moderator to ask a someone to disclose an attribute of their real identity.
When a person signs in to PubHubs hub through the Yivi verified credentials system, initially they are allocated a pseudonymous user identifier, for example @123-321:testhub.matrix.host. From this pseudonym, not even an operator or moderator of the hub can discover the user's real identity.
A moderator may wish to ask a user to confirm their real identity, to some degree. Through Yivi it is possible to ask a user to reveal a cryptographic proof [1] of one or more of their identity attributes. Some common attributes are one's real name, physical address, or email address. An attribute could also be something like “age is at least 18 years”.
Last week I was setting up Draupnir on my matrix test rig, in order to become familiar with Draupnir deployment before I integrate it with PubHubs.
Now I need to address end-to-end-encryption (E2EE). PubHubs exclusively uses encrypted matrix rooms, and Draupnir doesn't yet have E2EE functionality built-in. (Why is that? Moderation in public rooms is Draupnir's main use case, and for several reasons public matrix rooms are usually not encrypted. However PubHubs is different.)
There is a generic solution for adding E2EE to a matrix bot, and it's called Pantalaimon, an “E2EE aware proxy daemon for matrix clients.” So this week I'm setting up Pantalaimon.
I also want to automate, with Ansible, as much as possible of the set-up that is required before running that playbook. I aim to document here what I have done and open questions about it. The numbered steps here correspond to the manual instructions in that documentation linked above.
I updated and re-started my own test-bed installation of Pubhubs components.
I made some progress on my Ansible installation scripting of Pubhubs components.
I joined the new pubhubs-hosted project discussion room, in a “stable test hub”, which we would like to use instead of Slack, both for reasons of living our values and to “eat our own dog food”.
In our pubhubs dev room, we discussed implementing email notifications using Synapse's built-in support, which would be very useful for us maintining a long-term conversation in the room; and we discussed briefly some privacy implications if we wanted to offer follow-up notifications by email, or in other ways, to users who would like to remain pseudonymous.
This Week
Get some part of my Ansible deployment tested and published?
Start self-hosting Draupnir (on a normal matrix server) to get experience of deploying and using it.
Tech note: Dependency Updates
Updates needed, since around June/July.
dependencies: NodeJS and NPM: update to later than Node 12 (which was installed via Debian 11 packages). I now install via Ansible role geerlingguy.nodejs, which in turn uses the nodesource.com APT repo, and currently defaults to Node 16.
