RO weekly report
Feb 01 2019
This week, we have gotten a new dedicated server with significant overall higher performance for cloud provisioning project. The server is currently being provisioned so we are redoing the openstack deployment this week. The objective is to build a capability to provision the backbone of public as well as customer’s private blockchain networks, which are at the core of one of our revenue streams.
For the hyperledger network, we discovered a potential security vulnerability in Hyperledger Fabric design - the process of user enrollment requires the private key to be sent around between multiple servers which is unacceptable. We have consulted with a director from large Certificate Authority in Asia on the enrollment process and we are actively investigating way to avoid this security vulnerability with the core hyperledger developers. It might however delay the progress of the hyperledger infrastructure build-up. We feel we are close to a solution.
Referring to the marketplace, the registration portal is still being remade. We have found an international expert who can take charge of the front end development. We have had a long discussion about the current progress and the task at hand. He understands the specifications and he will prepare the initial proposal by the end of this week.
The HIDS testing and debugging is continuing.On the other hand, we are working with a cyber security expert from Guatemala to do a short pentesting on our hardened Linux.
Building the team:
We have performed zero-base budgeting and cut down our non-essential team and additional expenses to maximize the overall share of expenses directly linked to building the product and revenue streams.
Our COO has met with the security director from TrustAsia. He likes our idea of blockchain + log management and he understood the idea of our identity. But he didn’t see much hope in building the end-to-end security of communication because the market and key technology providers (mainly browsers) are too rigid, which has given us a valuable opinion and we will take this into account when later building the relevant security components.
Next Week Planning:
We will have a Chinese Spring Festival break from 3rd Feb to 11th Feb. Our plan for the week after the Spring Festival break will be:
1.Troubleshooting and find the CA-related security issue on hyperledger private network
2. Rebuilding the user registration portal of marketplace
3. Redo the openstack deployment of cloud provisioning project