1. toc@lists.hyperledger.org
  2. Messages
   Date   
A reminder that the TSC Agenda is up

Silona Bonewald <sbonewald@...>
 


Remember to read and comment on the updates that have been posted!

For people doing check-ins tomorrow,  it is expected that people have read the check-ins so only a high-level overview is necessary.  The focus is on questions. 

Thank you,
Silona

--
Silona Bonewald
VP of Community Architecture, Hyperledger
Mobile/Text: 512.750.9220
https://calendly.com/silona
The Linux Foundation
http://hyperledger.org
Re: Proposed release of the Composer security audit report

binh nguyen
 

+1 to both.

Thanks 

Binh

On Tue, Feb 19, 2019 at 5:19 PM Dave Huseby <dhuseby@...> wrote:
Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.

The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Re: Proposed release of the Composer security audit report

Arnaud Le Hors
 

Likewise! +1.
Thanks.
--
Arnaud  Le Hors - Senior Technical Staff Member, Web & Blockchain Open Technologies - IBM




From:        "Mark Wagner" <mwagner114@...>
To:        David Huseby <dhuseby@...>
Cc:        Hart Montgomery <hmontgomery@...>, Mic Bowman <cmickeyb@...>, Hyperledger List <tsc@...>
Date:        02/20/2019 01:34 AM
Subject:        Re: [Hyperledger TSC] Proposed release of the Composer security audit report
Sent by:        tsc@...



+1 to both releasing the report and proposing a change to the process.

mark


On Tue, Feb 19, 2019, 19:09 Dave Huseby <dhuseby@...> wrote:
That's a good proposal Hart. The policy now is to ask for approval to release these but it probably should be revised to: "release them as soon as all high and medium issues are resolved and only ask for TSC approval if there are any outstanding issues.".

If y'all agree, I'll make a formal policy change request to this list and we can do a quick vote on Thursday. That will streamline things.

Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...


On Tue, Feb 19, 2019 at 4:00 PM Montgomery, Hart <hmontgomery@...> wrote:
+1.  As usual, I’m pretty much always in favor of releasing these.

 

Can we automate this process?  It seems like we should have some kind of policy in the vein of “release the security audits unless there are major outstanding issues.”

 

Thanks,

Hart

 

From: tsc@...[mailto:tsc@...] On Behalf Of Mic Bowman
Sent: Tuesday, February 19, 2019 3:29 PM
To: Dave Huseby <dhuseby@...>
Cc: Hyperledger List <tsc@...>
Subject: Re: [Hyperledger TSC] Proposed release of the Composer security audit report

 

seems low risk to release. 

+1

 

--mic

 

 

On Tue, Feb 19, 2019 at 2:19 PM Dave Huseby <dhuseby@...> wrote:

Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.


The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

 

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...

---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Proposed change in security audit report release process

Dave Huseby <dhuseby@...>
 

Hi TSC,

I would like to propose changing the security audit report release process so that once all high and medium security vulnerabilities are resolved, the report can be published without the approval of the TSC. To be explicit, TSC approval would be required to release a report with high and medium severity security bugs that have not been fixed. I can't imaging why we would ever need to do that, but I think it warrants stating and approving that explicitly.

I don't need an indication of approval here, we can just do a quick vote on the process change at the Thursday meeting. Then I won't have to bug you on every report. I'll just send an email announcing its release along with the blog post detailing any interesting findings.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Re: Proposed release of the Composer security audit report

Baohua Yang
 

+1!
Thanks dave for the work!

On Wed, Feb 20, 2019 at 6:19 AM Dave Huseby <dhuseby@...> wrote:
Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.

The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...



--
Best wishes!

Baohua Yang
Re: Proposed release of the Composer security audit report

Mark Wagner
 

+1 to both releasing the report and proposing a change to the process.

mark

On Tue, Feb 19, 2019, 19:09 Dave Huseby <dhuseby@...> wrote:
That's a good proposal Hart. The policy now is to ask for approval to release these but it probably should be revised to: "release them as soon as all high and medium issues are resolved and only ask for TSC approval if there are any outstanding issues.".

If y'all agree, I'll make a formal policy change request to this list and we can do a quick vote on Thursday. That will streamline things.

Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...


On Tue, Feb 19, 2019 at 4:00 PM Montgomery, Hart <hmontgomery@...> wrote:

+1.  As usual, I’m pretty much always in favor of releasing these.

 

Can we automate this process?  It seems like we should have some kind of policy in the vein of “release the security audits unless there are major outstanding issues.”

 

Thanks,

Hart

 

From: tsc@... [mailto:tsc@...] On Behalf Of Mic Bowman
Sent: Tuesday, February 19, 2019 3:29 PM
To: Dave Huseby <dhuseby@...>
Cc: Hyperledger List <tsc@...>
Subject: Re: [Hyperledger TSC] Proposed release of the Composer security audit report

 

seems low risk to release. 

+1

 

--mic

 

 

On Tue, Feb 19, 2019 at 2:19 PM Dave Huseby <dhuseby@...> wrote:

Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.


The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

 

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...

---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Re: Proposed release of the Composer security audit report

Dave Huseby <dhuseby@...>
 

That's a good proposal Hart. The policy now is to ask for approval to release these but it probably should be revised to: "release them as soon as all high and medium issues are resolved and only ask for TSC approval if there are any outstanding issues.".

If y'all agree, I'll make a formal policy change request to this list and we can do a quick vote on Thursday. That will streamline things.

Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...


On Tue, Feb 19, 2019 at 4:00 PM Montgomery, Hart <hmontgomery@...> wrote:

+1.  As usual, I’m pretty much always in favor of releasing these.

 

Can we automate this process?  It seems like we should have some kind of policy in the vein of “release the security audits unless there are major outstanding issues.”

 

Thanks,

Hart

 

From: tsc@... [mailto:tsc@...] On Behalf Of Mic Bowman
Sent: Tuesday, February 19, 2019 3:29 PM
To: Dave Huseby <dhuseby@...>
Cc: Hyperledger List <tsc@...>
Subject: Re: [Hyperledger TSC] Proposed release of the Composer security audit report

 

seems low risk to release. 

+1

 

--mic

 

 

On Tue, Feb 19, 2019 at 2:19 PM Dave Huseby <dhuseby@...> wrote:

Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.


The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

 

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...

---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Re: Proposed release of the Composer security audit report

Olson, Kelly M <kelly.m.olson@...>
 

+1

 

From: tsc@... [mailto:tsc@...] On Behalf Of hmontgomery@...
Sent: Tuesday, February 19, 2019 4:00 PM
To: Mic Bowman <cmickeyb@...>; Dave Huseby <dhuseby@...>
Cc: Hyperledger List <tsc@...>
Subject: Re: [Hyperledger TSC] Proposed release of the Composer security audit report

 

+1.  As usual, I’m pretty much always in favor of releasing these.

 

Can we automate this process?  It seems like we should have some kind of policy in the vein of “release the security audits unless there are major outstanding issues.”

 

Thanks,

Hart

 

From: tsc@... [mailto:tsc@...] On Behalf Of Mic Bowman
Sent: Tuesday, February 19, 2019 3:29 PM
To: Dave Huseby <dhuseby@...>
Cc: Hyperledger List <tsc@...>
Subject: Re: [Hyperledger TSC] Proposed release of the Composer security audit report

 

seems low risk to release. 

+1

 

--mic

 

 

On Tue, Feb 19, 2019 at 2:19 PM Dave Huseby <dhuseby@...> wrote:

Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.


The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

 

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...

---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Re: Proposed release of the Composer security audit report

hmontgomery@us.fujitsu.com <hmontgomery@...>
 

+1.  As usual, I’m pretty much always in favor of releasing these.

 

Can we automate this process?  It seems like we should have some kind of policy in the vein of “release the security audits unless there are major outstanding issues.”

 

Thanks,

Hart

 

From: tsc@... [mailto:tsc@...] On Behalf Of Mic Bowman
Sent: Tuesday, February 19, 2019 3:29 PM
To: Dave Huseby <dhuseby@...>
Cc: Hyperledger List <tsc@...>
Subject: Re: [Hyperledger TSC] Proposed release of the Composer security audit report

 

seems low risk to release. 

+1

 

--mic

 

 

On Tue, Feb 19, 2019 at 2:19 PM Dave Huseby <dhuseby@...> wrote:

Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.


The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

 

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...

---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Re: Proposed release of the Composer security audit report

Mic Bowman
 

seems low risk to release. 
+1

--mic


On Tue, Feb 19, 2019 at 2:19 PM Dave Huseby <dhuseby@...> wrote:
Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.

The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Proposed release of the Composer security audit report

Dave Huseby <dhuseby@...>
 

Hello TSC,

The time has come for the TSC to approve the release of the Composer audit report.  The Composer audit done by Nettitude found a total of five issues, 2 medium risk, 2 low risk, and 1 data leakage notice.

The first of the medium risk errors was simple to fix. Credentials for logging into blockchain instances were stored in world-readable files instead of only user-readable files.

The second of the medium risk errors was the playground server accepting connections from any source IP address. This was solved by changing the code to bind to the loopback interface.

The other issues were about accepting non-TLS connections and leaking unnecessary information in log error messages.

Now that all of the issues of medium or higher have been fixed, it is time to publish the report and announce it. As always, if you are a member of the TSC and would like to read the reports before approving them, please email me directly and I will arrange for you to receive a copy.

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Hyperledger Technical WG China Quarterly Update Due #tsc-wg-update - Thu, 02/21/2019 #tsc-wg-update #cal-reminder

tsc@lists.hyperledger.org Calendar <tsc@...>
 

Reminder:
Hyperledger Technical WG China Quarterly Update Due #tsc-wg-update

When:
Thursday, 21 February 2019

Organizer:
tkuhrt@...

Description:
The Hyperledger Technical WG China update to the TSC was due February 18, 2019, and it will be presented to the TSC on February 21, 2019. Please review the update at TSC Working Group Updates prior to the meeting and add your questions to the update.

View Event

Hyperledger Cello Quarterly Update Due #tsc-project-update - Thu, 02/21/2019 #cal-reminder #tsc-project-update

tsc@lists.hyperledger.org Calendar <tsc@...>
 

Reminder:
Hyperledger Cello Quarterly Update Due #tsc-project-update

When:
Thursday, 21 February 2019

Organizer:
tkuhrt@...

Description:
The Hyperledger Cello update to the TSC was due February 18, 2019, and it will be presented to the TSC on February 21, 2019. Please review the update at TSC Project Updates prior to the meeting and add your questions to the update.

View Event

Deadline Friday, February 22: Call for 2019 Hyperleger Internship Projects and Mentors

Min Yu
 

Dear Hyperledger Community Members,

Hyperledger is expanding the internship program to fund 15 internship projects this year. The internship program is aimed at creating a structured hands-on learning opportunity for new developers who may otherwise lack the opportunity to gain exposure to Hyperledger open source development and entry into the technical community. Additional program information, including the program timeline, is available on the wiki.

This is a great contribution opportunity for community members like you to get involved. Whether you're looking for fresh ideas or perspectives, or mentoring opportunities, or additional contributors for your project, the internship program provides a pathway for you to work with aspiring student developers. 

Please submit a project proposal and volunteer yourself as a mentor; the deadline for submission is this Friday, February 22nd.     

Thank you,
Min
--
Min Yu
Operations Manager
The Linux Foundation
+1(530) 902-6464 (m)



---------- Forwarded message ---------
From: Min Yu <myu@...>
Date: Mon, Feb 11, 2019 at 9:54 AM
Subject: Get Involved! Become a Mentor for an Intern >> Call for 2019 Hyperleger Internship Projects and Mentors
To: <hyperledger-discuss@...>, <hyperledger-tsc@...>, <ambassadors@...>, <universities@...>


Hyperledger Technical Community -

Read below testimonials from former mentors. We encourage you to get involved and become a mentor for an intern this year. The deadline to submit a project proposal is Friday next week, February 22nd.

"The internship program was a great experience for my co-mentor and me. We found an intern who showed a ton of potential and was eager to learn and looking for a good first step into the real world. Though the time differences and our conflicting schedules presented us with some challenges, the end result really made everything worth it. Our intern was successful in completing her project, we got a new feature added to the fabric chaincode evm, and our intern left with skills that could help her throughout her career. The internship is a great way to bring some fresh eyes into our community but also an opportunity for those already in it to find ways to make it better." - Swetha Repakula, IBM, 2018 Mentor

"As a mentor, I find it's a wonderful experience to help the intern students to get involved into the open source projects, where they show lots of passions and self-motivations. University are the birthplace of open source, and it's always a great honor to help these fledging blockchain researchers&engineers." - Baohua Yang, Oracle, 2017 and 2018 Mentor

"Having a chance to work with someone who is both new to Hyperledger and early in their software engineering career brings new perspectives that are important. A risk of working on the same thing for too long is that you get used to the way things are and don’t stop and question why something is done in a particular way and if there may be a new or better alternative. Being a mentor requires you to both be able to explain the existing architecture and answer those “why” questions that you may have ignored otherwise." - Sheehan Anderson, State Street, 2018 Mentor


On Mon, Jan 28, 2019 at 10:59 AM Min Yu <myu@...> wrote:
Hyperledger Technical Community:

Today, we’re excited to open the call for the 2019 internship mentors and project ideas. We’re looking to sponsor 15 internship projects this year.

The Hyperledger internship program is aimed at creating a structured hands-on learning opportunity for college students who may otherwise lack the opportunity to gain exposure to Hyperledger open source development and entry to the technical community. It also provides a more defined path for Hyperledger to connect with the next generation of student developers to inject more talent into its developer base.

If you’ve identified a project or task that’s suitable for an internship project and you’re interested in mentoring a student developer, please define the project by completing the internship project proposal template on the wiki before February 22. Additional timeline for this year’s program is as follows:
  • Call for Internship Projects and Mentors: January 28 - February 22, 2019
  • TSC Review and Approval of Internship Projects: February 22 - February 28, 2019
  • Application Period: March (and possible through April 12, 2019)
  • Application Review and Applicant Interview: April
  • Intern Acceptance: end of April
  • Intern/Mentor Introduction and Onboarding: May
  • Intern Start Date: June 3, 2019
  • Full-time Intern Completion Date: August 23, 2019 (12 consecutive weeks)
  • Part-time Intern Completion Date: November 15, 2019 (24 consecutive weeks)

A few things to note as you plan to submit a project for consideration:
  • Multiple mentors supervising one intern per project would be desirable as this helps spread the workload and reduce the challenge of coverage caused by working remotely with an intern in a different time zone.
  • The mentor(s) need to be familiar with the project and is/are expected to directly supervise the intern’s technical work.
  • The proposed project needs to be clearly scoped and structured to be suitable for an internship project.
  • The project should be related to one of the current Hyperledger frameworks or tools.
  • The mentor(s) should be ready to be the sponsor of the internship project as a Hyperleger Lab when the internship commences. This ensures that the project progress can be tracked and the project output can be publicly accessible to the community.

Interns will be eligible to receive a stipend. The stipend will be paid in several installments provided that regular interval evaluations show the intern is making satisfactory progress. Each intern who has successfully completed the program will be invited and financially sponsored by Hyperledger to attend an event/conference and present their work to the broader community (specific event TBD but will be during Q3 or Q4 of this year). 

We look forward to your submission of a project and thank you in advance for volunteering your time to contribute to the training of the new talent pool in the Hyperledger community.

Kind regards,
Min

--
Min Yu
Operations Manager
The Linux Foundation
+1(530) 902-6464 (m)
myu@...
14 February, 2019 TSC meeting minutes

Dave Huseby <dhuseby@...>
 

Hi Everyone,

The meeting minutes as well as the recordings of the TSC meeting on 14 February are now posted here:

https://wiki.hyperledger.org/display/HYP/2019+02+14+TSC+Minutes

Cheers!
Dave
---
David Huseby
Security Maven, Hyperledger
The Linux Foundation
+1-206-234-2392
dhuseby@...
Re: Agenda for TSC Valentines Day meeting is live

mark wagner <mwagner@...>
 

I am unable to attend the meeting today.

-mark


On Wed, Feb 13, 2019 at 1:32 PM Silona Bonewald <sbonewald@...> wrote:

Please feel free to add inline comments.  Don't need to click "edit". simply highlight and wait a second and a comment button will occur.

Cheers,
Silona

--
Silona Bonewald
VP of Community Architecture, Hyperledger
Mobile/Text: 512.750.9220
https://calendly.com/silona
The Linux Foundation
http://hyperledger.org



--
Mark Wagner
Senior Principal Software Engineer
Performance and Scalability
Red Hat, Inc
2019 Q1 Perf and Scale WG update

mark wagner <mwagner@...>
 

Distinguished Colleagues


I apologize for the tardiness in getting this out.

Respectfully

--
Mark Wagner
Chair, Performance and Scale Working Group
Hyperledger
Re: [confluence] Hyperledger > Performance and Scale WG

Silona Bonewald <sbonewald@...>
 

Notice the Performance and Scale's TSC update page is up.


TSC members please review and check your name off before the meeting on Thursday morning.

Thank you,
Silona


On Wed, Feb 13, 2019 at 1:04 PM Mark Wagner (Confluence) <noreply@...> wrote:
Mark Wagner created a page
 
page icon
Performance and Scale WG

Working Group

Performance and Scale Working Group (PSWG)

Working Group Health

The PSWG published the Metrics Document late last year.  This provides low level metric definitions that should apply to most DLT implementations. (Latency, throughput, etc)

The group is now going to "move up the stack" and define metrics that pertain to general use cases (verticals).  We have started to focus on supply chain and look to define basic performance and scalability measurements for that area. We reached out to the community a few weeks ago and received a lot of positive energy. Now we need to follow up. We also need to reach out specifically to project Grid and there are rumors of a Supply Chain SIG that we will also explore common areas with.

In January 2019 we also had a call with STAC. STAC is a for profit organization focused on performance in the securities and financial space.  The goal of our interaction is to see if there is some common ground between Hyperledger and STAC and look for areas of cooperation. If we (PSWG) proceed down this path, we will also need to look at the specific use cases that would pertain to the STAC members. We will also reach out to the Hyperledger Financial SIGs as appropriate.

The group has maintained a core of eight regular participants spread across the globe and across many companies and academia. The discussions remain very technical and perhaps we get too deep. We continue to reach outside of the Hyperledger community and have regular contributions and feedback on our work from this population.

Issues

If we proceed with STAC there is concern about being able to get everything done. We discussed the need to increase participants via direct recruiting or leveraging other Hyperledger activities (SIGs, projects, WGs), or drop the supply chain effort for now.  Because of this, the Supply Chain effort has been intentionally slowed a bit, which in hindsight is probably an error on my part.

Overall Activity in the Past Quarter

Due to holidays , winter breaks, and vacation schedules, meetings have been less frequent but that will change now as we get into the doldrums of February.  There was also a natural slowdown due to publishing our Metric Document.  Overall the group has been active and there have been many discussions on what to do next. We decided on defining metrics metrics for supply chain.

Planned Work Products

At this point we need to move forward with our supply chain work. This will also get more involved with other Hyperledger efforts.

We will also continue to pursue the STAC relationship. This will get us involved with the external community and help make Hyperledger visible to the STAC members. We will also work with Hyperledger activities focused in the financial and securities space.

The output of any of this work will be to define metrics that apply to the specific verticals and use cases.

Participant Diversity

This is a very active and diverse group of people from North America, Europe, and Russia. As mentioned above, we have a good mix of companies and folks from academia. From a gender diversity perspective, It is mainly male with an occasional female participant. We received positive feedback on the shout out for help with Supply Chain and should and see an increase in participation from that effort.

Additional Information

Reviewed By

Arnaud Le Hors
Baohua Yang
Binh Nguyen
Christopher Ferris
Dan Middleton
Hart Montgomery
Kelly Olson
Mark Wagner
Mic Bowman
Nathan George
Silas Davis


View page Icon View page
Add comment Icon Add comment
Like Icon Like
 
Stop watching space
Manage notifications
This message was sent by Atlassian Confluence 6.11.2


--
Silona Bonewald
VP of Community Architecture, Hyperledger
Mobile/Text: 512.750.9220
https://calendly.com/silona
The Linux Foundation
http://hyperledger.org
Agenda for TSC Valentines Day meeting is live

Silona Bonewald <sbonewald@...>
 


Please feel free to add inline comments.  Don't need to click "edit". simply highlight and wait a second and a comment button will occur.

Cheers,
Silona

--
Silona Bonewald
VP of Community Architecture, Hyperledger
Mobile/Text: 512.750.9220
https://calendly.com/silona
The Linux Foundation
http://hyperledger.org
[confluence] Hyperledger > 2019 Q1 Hyperledger Burrow

Silona Bonewald <sbonewald@...>
 

Hello TSC Members,

The Burrow Update is live on the wiki - please read and your name off before the meeting.


Thank you,
Silona


Sean Young created a page
 
page icon
2019 Q1 Hyperledger Burrow

Project

Project Health

Project health is largely the same as in previous update. We are have added some unique features around dump and restore (our chain reset mechanism) and we have a number of casual contributors. We still lack maintainer diversity outside of Monax. There is a steady flow of interest and we a pushing plenty of code relating to our continued heavy use of Burrow.

Issues

The biggest areas of help would be with tooling and documentation. 

Releases

  • v0.23.3: Emergency bug fix

  • v0.23.2: Fixed issue with checkpointing whereby RWTree would load its readTree from one version lower than it should.

Overall Activity in the Past Quarter

Vent has been merged into burrow. Vent dynamically creates SQL database tables from EVM events according to some specification files maintaining its offset in the chain as it goes. In addition, we can dump the chain state using a new dump tool. This state can then be provided as an initial state for a new chain. This allows us to make backwards incompatibility changes. Several backwards incompatible changes will be needed for supporting new features the like proposal mechanism. The proposal mechanism has received further fixes to make it production ready.

Current Plans

Create Q1 2019 Burrow Roadmap.

We have an active side project looking at using modern compiler tooling to compile Solidity to WASM and are interested in being part of any future movement to share code/structures through WASM execution and interfaces. To that end we are planning to look into the possibility of mounting Go wagon as a WASM interpreter next to our EVM.

We have also been building much business-process-on-a-blockchain functionality with the combination of Burrow and Blackstone our BPM engine implemented in Solidity and Node.JS. We are looking at improving Burrow's native abilities as a process-focussed blockchain. We'd like to explore the possibility of Hyperledger being host to the Blackstone project in some form - it should have relevance to fabric-evm and sawtooth-seth.

Maintainer Diversity

We have added one maintainer from Monax and have a strong candidate outside Monax in Pierrick Hymbert who has become a contributor and has expressed interest in maintainership.

Current maintainers are:

  • Greg Hill (Monax)

  • Silas Davis (Monax)

  • Sean Young (Monax)

  • Casey Kuhlman (Monax)

  • Tyler Jackson (Monax)

Contributor Diversity

We have received bug reports and pull requests from the Fabric team.  There have been several 

Reviewed by

Arnaud Le Hors
Baohua Yang
Binh Nguyen
Christopher Ferris
Dan Middleton
Hart Montgomery
Kelly Olson
Mark Wagner
Mic Bowman
Nathan George
Silas Davis


View page Icon View page
Add comment Icon Add comment
Like Icon Like
 
This message was sent by Atlassian Confluence 6.11.2


--
Silona Bonewald
VP of Community Architecture, Hyperledger
Mobile/Text: 512.750.9220
https://calendly.com/silona
The Linux Foundation
http://hyperledger.org
1861 - 1880 of 3904