RO weekly report
Nov 30th 2018
The hyperledger architecture has been reviewed and we’re preparing to launch a testnet. We purchased 28 servers and started working on the testnet.
Our indian tech expert has started a sample deployment on his local machine and we will start building the public testnet from the next week. There are multiple stage: local testnet, public manual testnet, automated deployment of private blockchain-as-a-service networks, adding hardened linux, adding automated VM provisioning and automated deployment into 3rd party clouds. Our design includes a hybrid detached private & universally accessible public blockchain networks.
Regarding the hardened Linux security audit, we have independently reviewed all the previous work and started working on additional hardening measures in the first two days of this week, it is in progress and so far we have been gathering great inputs on usability and how to scale the security in automated deployments. We have a reproducible set of commands which can be made into a script for an semi-/automated deployment to a remote server. This is one of the directions we pursue: we remotely harden user’s server and install our HIDS, hyperledger SDK tools so that user’s server becomes a part of our network, or we build the server for user with all the stuff included in our cloud. We have also made a reproducible configuration of the flags and whitelists which are essential to the kernel hardening and practical deployments. We aim at finishing the security audit next week and then proceed with two major steps:
1. a customer private & isolated hyperledger-as-a-service. These private ledgers will also be used by security components for a data security.
2. a hyperledger-based marketplace for security components (and possibly services) with tokens for payment integrity, escrow and other smart contract features
For blockchain based integrity scanner, we are rebuilding the key parts to goland & smart contracts this week. Today, we have finished the first step in remaking the scanning tool so that we can publish the scan results to the peer and handle the evaluation at a peer instead of locally.
Building the team:
We’re currently co-working with Indian expert for the hyperledger based structure and marketplace. Also, our extended team of experts who build our platform is now expanding with a contributor from Poland with a great experience in Linux hardening, security audits and Intel SGX infrastructure & development. We are now in discussions with 2 additional international experts in the areas of cloud infrastructure and application security who want to work with us on project starting from December or January.
We met with Bitconch this week and talk about the security issues and risks in the new technology, and also some in their current projects. They showed interest in partnership on the security of identity with us.
Next Week Planning:
1.Development of blockchain based integrity scanner
2.Develop the user-registration of the hyperledger-based marketplace
3.Preparing tools to make automated installation of kernel hardening measures