Re: [Hyperledger Project TSC] Fwd: TSC Voting Discussion Today


Vipin Bharathan
 

Hello Donald/All,

We are aware of what the charter says regarding the definition of "Active Contributor". Like you mention, it says anyone who contributes code, documentation or other artifacts to the HLP Codebase in the last twelve months.
 
The main thing to note is the spirit of this is to have active technical contributors be the voting body. Active in the sense of having contributed in the last 12 months. 

HLP Codebase is not conclusively defined, it has been interpreted as github.
There are plenty of technical artefacts that are not in git hub. a.None of the WG outputs which are technical in nature are in github. b. None of the wiki entries that are technical in nature are in github. This is what the debate is all about.

What is "active" is clear. Now what is "contribution", that is open to interpretation. Documents from working groups (including highly technical write ups) are in google docs, for ease of collaboration. There are items in the wiki contributed by people to either advance technical understanding of the platform or analysis or critiques of the solutions. All of these are technical contributions to the HLP. How do we include these contributors in the voting pool while keeping to the spirit of the charter?

I believe it is possible to do this without too much gymnastics and lawyerly wrangling by being generous in the definition of HLP codebase, to include google docs and the wiki. Absent this, to take a longer path, we can create repositories for each WG and check in the documents and have each person who contributed to the docs(evidenced by the revision history of the doc) and wishes to vote, touch the doc.

In addition, we have issues like the ones brought up by Mic Bowman, where he creates algorithms/other artefacts and other people check them in for him since he works for a large organisation like Intel. This is due to the disconnect between traditional open-source where there are a multitude of independent actors and the current manifestation where even big enterprises like IBM, Intel are working on open source in a collective way. I cannot think of an easy solution for this.

The matter of Sybil voting is a totally different subject. Setting a low bar (checked in a single character change to a comment for example) for eligibility for inclusion in the voting pool always invites the possibility of Sybil, there are other forms of hijack of the elections that are not Sybil in the true sense of the word not covered here as well.

Nowhere in the charter does it mention that there would be an easy and automated way to determine the voting pool. The manipulation and or restriction of voting pools has been historically used to misalign the governance of elected bodies both large and small; hence, getting this right is important.

Hope this throws more light than heat on the subject,

Regards,
Vipin

On Jul 13, 2017 10:12 PM, "Donald Liu via hyperledger-tsc" <hyperledger-tsc@...> wrote:
The charter has a concept of “Active Contributor” for this subject:

4.a.ii.
- Steady State: After the Startup Period, there shall be a nomination and election period for electing Contributors or Maintainers to the TSC. The TSC voting members shall consist of eleven (11) elected Contributors or Maintainers chosen by the Active Contributors. An Active Contributor is defined as any Contributor who has had a contribution accepted into the codebase during the prior twelve (12) months. The TSC shall approve the process and timing for nominations and elections held on an annual basis.

4.b.i.
- Contributors: anyone in the technical community that contributes code, documentation or other technical artifacts to the HLP codebase.

How to keep good track of “anyone”, e.g.: no duplication (or double spending) … don’t know, may boil down to how to do identity management if required.

Thanks,
Donald

On 14 Jul 2017, at 02:47, Vipin Bharathan via hyperledger-tsc <hyperledger-tsc@lists.hyperledger.org> wrote:



Forwarding to list

Begin forwarded message:

From: vipin bharathan <vipinsun@...>
Date: July 13, 2017 at 2:03:02 PM EDT
To: Hart Montgomery <hmontgomery@...>
Subject: Re: [Hyperledger Project TSC] TSC Voting Discussion Today

Hart,

In my understanding however, the debate today was about who can vote rather than who can stand for election. Given that only eligible voters can stand, it naturally follows that it is also about who can stand.

Expanding the voting pool to legitimate contributors was my first priority.  Thanks for pointing out the Sybil possibilities. This had crossed my mind as well and could happen if the bar is too low. But this is a secondary concern at this point. We may need to put some barriers up to prevent that.

Vipin 


On Jul 13, 2017 1:47 PM, "Hart Montgomery via hyperledger-tsc" <hyperledger-tsc@lists.hyperledger.org> wrote:

Hi Everyone,

 

In light of the discussion on the TSC election procedure today, I had a few comments.

 

The discussion centered around who was eligible to run for the TSC.  While this is important, I also thought it was worthwhile to think about who could vote.  This wasn’t really a point of emphasis during the meeting.

 

Chris brought up the point that anyone who really cared about participating could put in the fairly minimal time of creating an account and checking in some comment (or spell-checking some comment, which was I believe the exact reference) and then could be included in the contributor list.  My next thought was: why stop at 1 account?  Or 10?  Or 100? 

 

To me, this is a bit worrisome.  Our only duplicate checking consists of Tracy and Todd kindly asking people to remove duplicate emails.  For people whose alternate emails are not obviously related to their main emails, why not just vote twice?  It seems like, to put it in the terms of our field, our leadership election protocol is vulnerable to a Sybil attack!

 

While I don’t believe that this is probably a super-serious issue at this point in time (although I would be willing to bet that at least one person will vote at least more than once in the upcoming election if we stick with the current rules for contributors), this is probably something we should address at some point.  In theory, a couple of malicious maintainers (of any project) could completely hijack the TSC election by creating a bunch of scripted, dummy accounts that make inconsequential changes to files that don’t matter.  Given that the current count of contributors is only 300, someone could do this entirely by hand, probably get away with it, and have a substantial impact on the election (are you 100% sure that no one person controls, say, 30+ contributor email accounts?).  In the worst case, if something like r/btc picks up on this, we could be looking at “Mountain Dew” or something of that ilk on the TSC…

 

To be fair, Mountain Dew has probably contributed far more to the advancement of computer science than I ever will.  But, in all seriousness, I think we should have a discussion on what it means to be a “contributor” and I’m not convinced an automated solution is the answer, even for code contributions directly to projects.

 

Sorry for the long wall of text.  If you’ve made it this far, thanks for reading, and have a great day.

 

Thanks,

Hart


_______________________________________________
hyperledger-tsc mailing list
hyperledger-tsc@...ger.org
https://lists.hyperledger.org/mailman/listinfo/hyperledger-tsc

_______________________________________________
hyperledger-tsc mailing list
hyperledger-tsc@lists.hyperledger.org
https://lists.hyperledger.org/mailman/listinfo/hyperledger-tsc


_______________________________________________
hyperledger-tsc mailing list
hyperledger-tsc@lists.hyperledger.org
https://lists.hyperledger.org/mailman/listinfo/hyperledger-tsc


Join toc@lists.hyperledger.org to automatically receive all group messages.