End of 2019 Update

Previous Updates
Secured
-----------------------------------
ORIGINAL PLEDGES START
-----------------------------------
-OTHER

--Pure infrastructure ANO

--Infrastructure will be released to the community as an open source "infrastructure as code" framework

--Collaborate with other ANOs to determine best practices and innovations for ANO infrastructure

--Active participation in Factom/ANO Governance

-TESTNET

-- Two testnet nodes

- PLEDGED EFFICIENCY
2 nodes: 65%
1 node: 55%
-----------------------------------
ORIGINAL PLEDGES END
-----------------------------------
Secured
factomd-api-proxy

Bedrock Solutions is proud to announce the release of a multifunction proxy for the factomd API port. The proxy enhances the factomd API port by providing common features needed in most deployments.

The current version, as of this writing, is 0.4.0

Quick Feature List
  • Intelligent, Kubernetes-ready Container
  • CORS
  • SSL/TLS
  • Health Check
  • Access Control Whitelist
  • Strict Protocol Operation

Simple Example with Default Configuration

To create a proxy for the Factom Inc. courtesy node, listening on port 80, simply execute:

docker run -p 80:8080 --name factomd-proxy bedrocksolutions/factomd-api-proxy:0.4.0

Helpful Links
Motivation

Over the past year of working with factomd, a handful of use-cases have resurfaced again and again. This proxy is an attempt to solve those use-cases once and for all. Our intention is to deliver something that not only saves people time and effort, but also becomes a central piece of community infrastructure. We hope that Factom community developers will rally around this project by suggesting features and submitting bugs.

Features

Intelligent, Kubernetes-ready Container

The Docker container housing the proxy is much more than a thin wrapper. It serves as a high-level abstraction that provides a clean, YAML configuration API to container clients. Configuration files are actively monitored, with configuration being automatically reloaded upon file changes. This obviates the need to restart the container in most cases. These features allow the container to dovetail naturally into orchestration environments like Kubernetes.

CORS

The proxy implements the bulk of the CORS specification.

The proxy currently has three CORS modes: disabled, wildcard, and regex. Internal, server-to-server apps can just leave it disabled. If a public endpoint is being run, such as the Factom Open Node, then the ‘wildcard’ mode should be enabled. If an application-specific endpoint is being run, then 'regex' mode should be enabled to restrict browser traffic.

SSL/TLS

Correct configuration of SSL/TLS is non-trivial; numerous security problems exist. Several enhanced security features are available to mitigate them, but they require specific configuration options to be enabled. The proxy supports all major SSL/TLS security features, and gives an A+ rating on the SSL Labs test (https://www.ssllabs.com/ssltest) with a sufficiently strong certificate.

Health Check

The factomd API does not have a simple GET-verb endpoint that works well with cloud providers such as CloudFlare and Google Cloud Platform. This makes deploying the API problematic in many situations. This proxy adds a `GET /` endpoint that returns a meaningful status along with a detailed diagnostic payload.

Access Control Whitelist

Access to the proxy's API port can be easily restricted by providing a list of IP addresses and IP networks that are allowed to connect.

Strict Protocol Operation

Only a very small number of method/URI combinations are allowed. The JSON RPC request payload is parsed and validated. This reduces the number of bad requests forwarded to factomd.

Roadmap

The proxy is under active development, and is now a high priority for Bedrock Solutions. Planned enhancements include:

Rate Limiting

Having the ability to define separate rate limiting policies for API reads and writes is a pressing issue. The proxy will support this ASAP.

Runtime Metrics

Being able to see inside the proxy during its operation is a must have feature.

Support

Support is available in our Discord channel: https://discord.gg/5cbEYdP
Secured
Bedrock Solutions LLC is excited to present our first major Authority Node Operator (ANO) update. We have come a long way since being onboarded into the Factom Authority Set in October 2018. The Factom community is full of brilliant people and hard working companies, and our experience as an ANO has reaffirmed our choice to work with the Factom protocol. Although we campaigned as a high efficiency (65%) infrastructure ANO, we work full time to push Factom toward becoming the default global data integrity protocol. In this update, we’ll discuss how we are doing this with our development projects, grants, nodes, efficiency, and governance participation.

Projects

Factom Infrastructure Framework
We have pledged to release an open source infrastructure-as-code framework for deploying Factom nodes. We started working on this while setting up our own infrastructure using a number of Ansible playbooks that we developed internally. We have open sourced and released over a dozen Ansible roles, which are building blocks of factomd infrastructure. We have decided not to release our higher level playbooks to minimize the security risk to our servers, but we will consider releasing them once we are able to move to the next iteration of our infrastructure. If anyone is using or interested in using Ansible to manage your Authority Node infrastructure, please reach out and we will be happy to show and share our Ansible code.

We are shifting our focus away from Ansible and are building a new and improved infrastructure framework using Kubernetes and Docker. Kubernetes allows us to replace bloated VMs with scalable, lightweight cluster machines, and Docker increases the ease of deployment and configuration management. We are currently running two testnet followers and the tfa-bot on various Kubernetes clusters. We are making good progress and closing in on the initial release.

MyFactomWallet
MyFactomWallet (MFW) is a collaborative effort between Bedrock Solutions and The Factoid Authority. We released MFW in November, 2018 as the first open source Factom web-wallet with Ledger Nano S support. Bedrock Solutions built the MFW web application, and we will continue to improve this resource for the Factom community. We want to thank the rest of the on-chain voting grant team, Factomatic, Factoshi, and LUCIAP for their help with preparing for the release.

Factom API Proxy
Last week, we released a proxy for the factomd API port that adds and enhances several features when deploying factomd including CORS and SSL.


TFA Bot Docker Image and Kubernetes Helm Chart
We released a Docker container for the TFA Bot software built by The Factoid Authority. The container provides a lightweight build and streamlined deployment.

Grants

Factom Open Node
Bedrock Solutions, Blockchain Innovation Foundation, CryptoLogic, DeFacto, and The Factoid Authority were awarded the Factom Open Node grant to provide a free load-balanced API endpoint for Factomd. This node is used by a number of applications, including MyFactomWallet, and will be the default sync node in an upcoming Factom Enterprise Wallet release.

On-chain Voting Protocol
The On-chain Voting Protocol grant is bringing fully auditable on-chain voting to Factom. This is a fundamental building block for the eventual full implementation of Factom Governance with standing parties. The grant team is currently working on the final two milestones: testing the generic on-chain voting application and releasing a final report.

Factom Identity on Ledger Nano S
Bedrock Solutions and The Factoid Authority were awarded this grant to bring Ledger Nano S support for the new Factom identity specification. This will allow secure signing of data using a Ledger Nano S device.

Nodes

Our primary responsibility as an ANO is to provide reliable Authority Nodes to the Factom network. We have worked extensively on our internal infrastructure-as-code, and on our monitoring and administrative processes to ensure maximum uptime and responsiveness to issues. During the past two network outages in September and January, we were quick to respond and played an active role in providing assistance to the Core and Technical Committee to help get the network running again.

We took down our two testnet nodes in December, 2018 when we started working on running Factom nodes in Kubernetes, as a part of our ongoing infrastructure research. We recently deployed two testnet follower nodes using our soon to be released Kubernetes Helm chart.

Efficiency

We are operating at our pledged 65% efficiency, which means we donate 65% of our server rewards to the Factom Grant Pool. We are considering lowering our efficiency to better reflect our ANO contributions.

Governance and Community

We are actively involved with governance and the community. Effective governance is critical for the long term success of Factom. Here are some of the ways we have been involved since being onboarded:

  • Voted in all governance polls on Factomize to our knowledge
  • Participated in discussions on Factomize and Discord
  • Attended all ANO meetings and most Guide meetings
  • Attended the ANO Summit in Austin
  • Joined the On-chain Governance Working Group
  • Participated in Marketing Committee interview where we advocated for increased focus on developer outreach on FactomProtocol.org
  • Donated to the Triall Clinical Research project
  • Participated in the Authority Node Operators AMA on Reddit
  • Helped test the Factomize Daily Digest and Monthly Newsletter
  • Helped test ANO Emergency Alerts
Conclusion

We are extremely pleased to update the community on the work we do as a Factom ANO. We are a technical team building solutions for the Factom protocol, and we have much more in store for 2019. If you need assistance using one of our projects, are interested in collaborating, or just want to say hi, please reach out to us at contact@bedrocksolutions.io and join us in our Discord channel https://discord.gg/gfYahwM. Until next time!
Secured
bedrocksolutions/tfa-bot

Bedrock Solutions is pleased to announce the release of a Helm chart for The Factoid Authority's Monitoring Bot.

Motivation

Using Kubernetes for deployment of lightweight services, such as the tfa-bot, can reduce the time spent in installation, configuration, and deployment.

Installation

Note: this guide assumes the Helm package manager has already been installed, and the cluster has been properly configured to work with it. Please see https://helm.sh/docs/using_helm for more information.

Add the Bedrock Solutions Helm repository to your `helm` command line utility:

helm repo add bedrocksolutions https://helm.bedrocksolutions.io

Create a `values.yaml` file containing the URL of your Google Sheet:

# values.yaml
botUrl: https://docs.google.com/spreadsheets/d/xxxxxxxxxxxxxxxxxxxx

Install the Helm chart into your cluster:

helm install --name tfa-bot -f /path/to/values.yaml bedrocksolutions/tfa-bot

Please see the project's GitHub repository @ https://github.com/BedrockSolutions/tfa-bot for more information.
Secured
factomd-api-proxy

Bedrock Solutions announces the release of version 0.5.2 of its factomd API proxy. This release features rate limiting on writes.

Description

The rate limiting subsystem supports both writes-per-second (WPS) and writes-per-block (WPB) limiters.

WPS limiting establishes a maximum number of WPS that will be sent over the network. It also establishes a burst rate for writes, which will delay writes by a variable amount to spread the burst over a longer duration. The system defaults to 3 WPS with a 10 WPS burst. Rates over 10 WPS will be rejected with a 429 error.

WPB limiting establishes a write quota which resets every 10 minutes. The system defaults to 1200 writes per 10 minutes.

Links

https://github.com/BedrockSolutions/factomd-api-proxy
https://hub.docker.com/r/bedrocksolutions/factomd-api-proxy
Secured
factomd-docker

Bedrock Solutions announces the release of a feature-rich Docker image for factomd.

GitHub repo: https://github.com/BedrockSolutions/factomd-docker
Docker Hub: https://cloud.docker.com/u/bedrocksolutions/repository/docker/bedrocksolutions/factomd
Discord: https://discord.gg/Ggkwz2K

Description

A while back I did a bunch of work getting factomd to work with Kubernetes. I learned many things doing that, but the biggest takeaway was that the Docker image created by Factom, Inc. really didn't fit very well into that environment. I wrote a custom docker image at that time, so that I could continue moving forward with the K8s work, but I wasn't completely happy with it.

After that initial work, I switched gears and built our factomd API proxy. I wanted the Docker image for that to really be a step forward. During some research, I stumbled upon the amazing utility confd (https://github.com/kelseyhightower/confd) and proceeded to learn it in-depth. Working with confd really changed the way I think about container configuration. So much so that I ended up writing a clone of it in JS so that I could add the features I wanted. I named my clone confz.

After writing confz I proceeded to build a new factomd image. I was very close to releasing it when Who reached out to me and informed me that he was working on a FIP that would create an entirely new configuration format for factomd. Although his first attempt at a config format sucked*, he was open to feedback. We went through many iterations together, and what emerged (https://github.com/WhoSoup/FIP/blob/wip_config/FIPS/config.md) is a huge step forward for the community. His new INI format will be rolled into factomd at some point down the road. In the meantime...

I knew immediately that the new image had to support the new config format, so I went back to work porting it over. I also came up with some additional enhancements to the config format (networkDefinitions and roleDefinitions) that give admins great flexibility in how configuration is structured and altered at runtime. This docker image is now the first working YAML implementation of the new config format defined in the FIP.

After the main development was finished, I proceeded to write a test harness that would put the image through its paces (thanks for the encouragement, Luap). The end result is an extensible declarative testing framework that, when run in its entirety, puts the image through 239 tests.

So, the image exists now (https://github.com/BedrockSolutions/factomd-docker) and is published on Docker Hub under the name bedrocksolutions/factomd. I think it's an important piece of our community's infrastructure puzzle. (It opens the door to an extremely powerful and concise Kubernetes Helm chart for starters.) I am hopeful that folks will check it out, offer constructive criticism, and possibly contribute. I'm happy to chat about this project here in this thread, on GitHub issues, or on our Discord (https://discord.gg/Ggkwz2K).

* Not actually true.
Current Update: End of 2019 Update
Secured
#1
Bedrock Solutions is pleased to post our ANO update. This will cover many of our activities since our last update in June, as well as our plans going forward.

Project Updates
MyFactomWallet
MyFactomWallet is a free, open-source, web-based Factom wallet. MFW has the lowest barrier of entry for most users because it does not require them to download any software. For the past few months, we have been working on designing and developing the next few releases of the wallet. We are adding new features, revamping the UI, and refactoring the code in an effort to make the site even more user friendly and useful for the Factom community. The effort we are putting into this site will directly translate to creating happy new Factoid holders. MFW is run in partnership with The Factoid Authority.

Factom API Proxy
We continue to maintain the Factomd API Proxy since its release in March, 2019. This proxy is used by Factom Open Node and is useful for application developers.

Nodes
As expected of all ANOs, we respond promptly to network issues and update our servers as requested. Our servers have had no downtime except for when there are network issues.

Efficiency
We will continue to run at 50% efficiency for a balanced distribution to the Factom Grant pool.

Governance and Community
As an ANO, we do our best to vote in a way that is good for the Factom Ecosystem as a whole. All of our governance votes are informed and considered. We will not sacrifice the integrity of the network for short-term gains.

We will continue to prioritize projects and advocate for decisions that will bring developers into the Factom ecosystem. We are a development team and understand how critical this is to Factom’s success.

Grants
Below is the complete list of grants we worked on in 2019. We worked hard on delivering these grants to the community as promised, and we strongly believe our work on these grants have brought great value to the Factom ecosystem. That said, this work has not been financially viable for us and so we cannot continue our pace of grant work until the FCT price is stable again.

2018 Round 1
  • Complete: On-chain Voting Protocol
2018 Round 2
  • Complete: Ledger Nano S Factom Identity
  • Complete: Factom Open Node 1
2019 Round 1
  • Delayed: Factom Open Node Enhancement
  • Complete: Factom Open Node 2
  • Success: Factom Open API Sprint 1
2019 Round 2
  • Success: Factom Open Node 3
  • Success: Factom Open API Sprint 2
  • Success: Sponsor for Factom Inc Protocol Development 2019 Round 2
2019 Round 3
  • Success: Factom Open Node 4
  • Complete: Sponsor for Factom Inc Protocol Development 2019 Round 3
2019 Round 4
  • In Progress: Factom Open Node 5
  • In Progress: Sponsor for Factom Inc Protocol Development 2019 Round 4

Closing
Our ANO has always been incentivized not to sell our received ANO/Grant Factoids in the illiquid market due to the negative affect it would have on the price. We are helping to build up the Factom ecosystem and so we retain an investment in it. Last year we secured sufficient outside sources of income to continue operating as an Authority Node Operator regardless of the FCT price. We will continue to invest our time and money as an ANO as long as we believe in the future of the protocol.

Expect an upcoming release of MyFactomWallet, and our next update at the end of Q1 2019.

All are welcome to reach out to us at contact@bedrocksolutions.io and join us in our Discord channel https://discord.gg/gfYahwM.

David, Alex and Jay
Bedrock Solutions