Topic: [ANN] CIYAM Open - Put your "dibs" on tasks for BTC! - page 4. (Read 13799 times)

I have enlarged "header_row.gif" so hopefully that looks a bit nicer (am running some "browsershots" now but nothing that looks like your snapshot has come up yet).

It's nearly there (just another minor tweak to the script and it should be done) - this task is now reserved for your completion (so no point in others "bidding" on it).

done by me
https://github.com/ciyam/ciyam/pull/7

PS: posting this for reference.

Okay - the new slideshow is up at http://ciyam.org (you will need to force a page refresh to see the new stuff).

I do hope that this will help make it clearer just what CIYAM Open is all about - questions and feedback welcomed.

Also as an easy first task for someone to work on I've decided to outsource changing the copyright dates in the non-generated source code (1 BTC for that and I'm guessing anyone who is familiar with awk/sed/grep could probably get it done in a few minutes).

Am only about 1/4 way through creating the new slideshow so far (much faster when I create software than when I create slideshows).

BTW if anyone knows any "marketing" people that might be interested to contact me please let them know that I would be interested in getting help (am willing to pay either $ or BTC for materials created by someone with a proven track record).

I think it might be helpful for both potential Developers and Project Managers if I create a new slideshow that steps through the process of bidding for a task (as a Developer), accepting a bid (as a Project Manager) through to the final completion of a task.

This should hopefully be completed and up on the main page (http://ciyam.org) by tomorrow (editing the screen snapshots from the Tab does take a bit of time unfortunately).

For those more interested in the "hardcore tech" side of things I whipped up a script to turn the .txt documentation into .html and have put it here:

http://ciyam.org/docs

(and yes I have a bit of OCD when it comes to the way I like to format the text in full justification without adding extra spaces)

Also - consider an NGO that wants to be as "open" as humanly possible:

with CIYAM Open they can:

1) create their top level donation address as their Project

2) create Project Areas for say "Charity Drives", "Marketing", "Accounting" and "Development" (each with a donation address)

3) create specific Project Tasks tasks for every single Charity Drive, Marketing task, accounting task, etc. all of which can be individually donated to

By using the mechanism that CIYAM Open itself uses (raw tx's) or by simply creating separate wallets for the Project and each of its Project Area addresses the Project Manager can move the BTC from the *top* to the *bottom* giving you a 100% publicly audit-able organisation (verifiable via the block chain).

As a case in point CIYAM Open itself is 100% publicly audit-able (and always will be) and any "fees" that I may charge for listing other Projects down the track will actually be in the form of "donations" made to the CIYAM Open project itself or other projects that I see fit to promote (so that *zero* profit will ever go directly to myself and that can be verified by anyone with access to the block chain and the list of relevant addresses which are kept on CIYAM Open even after tasks are "completed").

Okay - first major differences are:

1) CIYAM Open funds are not "returnable donations" (although an escrow address per task will be being added for those wanting that)

2) Stemming from the above a task that fails to be completed on time does not *end* but can continue with a *new delivery date* (with another bid now being chosen for acceptance)

3) Developers get (and can lose) *skill points* per task allowing them to build a rep for the things they are good at (making it more likely that their bids will be accepted vs those with no or low points)

4) You can donate to either the whole project, a project area (which can be nested) or to an individual task within the project.

I think this makes the CIYAM Open concept more of a "long-term development model" than a "kickstarting model" (especially when you look at the "sklls" side).

Hope that helps make it a bit clearer.

You could try comparing it with indiegogo and other crowdfunding site, and state your advantages/focuses as compared to them. I'm no marketing guru, but a simple comparison with another existing service might be the easiest way to introduce it to someone new.

PS: I'm still working out on CIYAM Open's details though, so my analogue above might be way off.

Thanks Ente and yes unfortunately I am 100% "no salesman" (too interested in the tech and software).

Let me try and describe "in a nutshell" what CIYAM Open is:

"It's a way of organising, funding and paying for contributions of tasks for projects (be they open source software projects or even say NGO's) that is 100% open and audit-able by the general public".

(yes still too many words - any Marketing gurus want to trim that down for me?)

I believe this is actually a first of it's kind (but am not trying to make too "bold a claim" and am happy to be corrected if wrong).

The rest (and there is a lot) I will try and communicate in small chunks in the coming weeks and months (it took literally years to create this system and will probably take me at least a whole year to fully describe it unfortunately - but don't worry I will be dedicating all my working days and nights to doing this from now on).

Thank you for your project, Ian!
You are both dedicated with the project itself as with keeping us updated here, thank you! :-)

Now there is somewhat low resonance..
I believe you started with details too quick. Sure, I enjoy talking about "shall we use ssl- or gpg-encryption?" as much as everyone else around here.. But somehow, in my view, you missed to state what exactly your project does, and in what points it does better than what we have now. That is, in a few, simple, totally non-tech sentences. A "conclusion" for executive level decision.
Like, you know, people first decide if a tool seems useful, and then have a second look if it is safe and sane ;-)

..keep rollin! :-)

Ente

I can't wait to get my P2P Crypt project funded, I just need to find time to get all the tasks listed (perhaps in a couple of weeks I'll have more time), Keep up the good work with the project; I like it, everything is super simple and silky smooth, Cheers mate!

(casually opens the door to a new way of working - updated the OP with details)

For my 1,000th post apart from the profile name change (I still am the Director of CIYAM Pty. Ltd. but now think that its future role in CIYAM Open is most likely only going to be one of sponsorship) I'd like to start to introduce people to the project that had initially began as a part-time hobby and has turned out to now be a full-time obsession (for the last few years in particular) to improving the way that software is developed at a very fundamental level.

If you have a spare 5 minutes please take a look at the following:

http://ciyam.org/open/?cmd=view&data=20121221010507352000_P&ident=M100V112&chksum=d36e9a6a

I haven't rushed into creating this software platform as it is actually the culmination of design ideas, patterns and algorithms that I had begun developing as way back as 2000.

By far the hardest thing about Software Manufacturing has been convincing people it actually works and I don't expect the audience on Bitcointalk to be anything but skeptical but I am patient and will be happy to answer questions about any aspect of the system (and yes I know the documentation at this stage is rather minimal).

I have already created a CIYAM Safe for handling the transactions for CIYAM Open that will be performed in an externally audit-able manner (effectively "opening" the organisation's General Ledger for scrutiny by anyone that has access to the blockchain).

I look forward to getting younger (and fresher) minds involved in this project and pledge that except for some unforeseen circumstance arriving I will be working on this project full-time (and without remittance) for at least the next few years.

As well as giving the CIYAM Safe a workout before I begin to fund tasks for CIYAM Open I will be adding some support in the next few days for automatically being able to register users (although if anyone is interested to join up now just send me a GPG encrypted message with your preferred user id and an initial password).

Also as the hashed 'serverId' + password was never broadcast (as it was hashed again along with the 'uniqueId') there is a safe "secret" that both the client .js and FCGI server know.

This is what the server and the .js client will both use in order to construct a OTP that is the length of each request/response.


and to extend for the entire length of a request/response:


So what is returned from the AJAX request to the .js client from the FCGI server is encrypted with the OTP and decrypted before assigning it to the "content div" and all information (apart from some state information that is seen in the URL) sent to the server by further AJAX requests is also thus encrypted.

Questions and comments about this technique are welcomed.

Whilst preparing the CIYAM Safe distro I would like to explain the way that CIYAM Open encrypts all session data *without* SSL.

When you join CIYAM Open you will need to supply a GPG public key and you will be sent an encrypted message that contains your initial password. Next you open your browser to http://ciyam.org/open and to get an idea about exactly how this has been designed do a "View Page Source" and looking at the body tag you will see the following:


So as you can see there basically is no static content at all (and this never changes - so non-anonymous content will never even be seen by a search engine making this approach suitable for building a "diaspora" type of system that works over HTTP).

How then is non-anonymous content safely encrypted?

This is where the password that was sent to you GPG encrypted comes in - when you type in your user id and password it is hashed together with a "serverId" and then hashed again with a "uniqueId" (which is unique to your session) and then sent along with your user id (in the clear) to the FCGI interface.

As your original password is known when the FCGI receives your user id and the hash value it can verify whether it is correct by hashing the value stored in the DB (which is the serverId + password hashed and encrypted) with the uniqueId it knew it sent to your session (this is done via a simple IP address mapping currently).

Now as the 'uniqueId' will never be used again a 'replay' attack is simply not possible. To be cont'd...

Having a problem with SUSEStudio (after some sort of weird error the Build button for my distro become disabled) - if anyone knows how to fix this I'd appreciate a "heads up".



EDIT: never mind it has come good now - seems their website has had some problems today (distro will be coming soon)

Nearly there now (the "Memory Key" topic was another step along the way) - just ironing out the rough edges for safely and reasonably easily moving data between the "online" and "offline" computers now (have gone for air-gap via QR).