SFR Update: Role Based Access Control and Exclusionary Blacklist

in #utopian-io5 years ago (edited)

I have returned dear flag brethren. It is time for us to continue our crusade against the wily blockchain bandits. It is time to raise our flags


Some may have wondered where I have been with SFR development as I have been somewhat MIA. I'm gearing up to bring things into full swing and have a few updates this round. This update does not focus on our token but we are nearing the final phase of developing the system. I appreciate everybody's patience with me while I adjust to the changes in my life and find the appropriate balace for Steem.

SFR Project Updates

1. AdmiralBot - New Avatar, New App

One day, I noticed that our good pal, the Admiral, was failing to authenticate to Discord. I realized that the application was tied to a former SFR dev contributor who has since deleted their Discord. I had to take action. Ended up recreating the application but didn't stop there. I also put a fresh spin on his avatar image with my glorious patented lens flare technique. Ok, it's not patented. I lied.


new_admiral.png
Admiral: Arrgh Matey. This isn't even my final form.

I thought the design looked pretty dope but I can imaging further variations in the future. Also, wouldn't be a bad idea to invent a backstory or lore behind the Admiral character.

2. Role Based Access Control

What is RBAC?

Role-based access control (RBAC) restricts network access based on a person's role within an organization and has become one of the main methods for advanced access control.

Source

This was put in place to ensure only users with authorized roles are able to issue certain bot commands. This includes our beneficiary_heal function. This is used to create a 100% benficiary comment for any SFR users that experience flags in retaliation. I was working on a more automated process but this is what we have now. When a SFR mention has been zeroed beyond the ability to counter, we invoke the heal comment. This can then be voted with less reward shares required to reach the minimum payout threshold. This has been helpful in the past to cause abusers to waste their voting power. Just another trick up our sleeves if you will.

Initially, there was a bit of a ordeal with this implementation as we could not figure out why the bot was not recognizing mods and admins. Turns out that I had made an assumption about how Discord works. I had incorrectly thought that right-clicking and selecting "Copy ID" on a mentioned user role would obtain the identifier for that role. It was actually the message ID that I was getting.

The result is my pairings of IDs to roles was completely incorrect except for the founder role. We were scratching our heads for a few moments and even elicited the notorious eye-roll emoji from @reazuliqbal.


image.png
Legend has it that this same emoji has power to cause people to leave discord DM groups.

After fumbling around a bit with the function, I realized my error and finally got it fixed. RBAC is now in full force.

3. Exclusionary Blacklist

This was put in place as a protection mechanism to block approvals from anonymous flag accounts. SFR has a few regular adversaries such as @atempt and we have suspected this person would create alts for the purposes of gaming SFR votes. This function protects us by adding the user to a database table and performing a check when we batch approve follow on flags.

image.png

image.png

In addition to this, I have added a watchlist function but that is yet to be tested. What I envision we can do with that is create a separate webhook to keep us aware of operations of these accounts. This will improve overall situational awareness. Expect that to come in the next update.

4. Token testing

I have created the function to distribute our tokens to our users upon post payout. This will occur roughly at a 24 hour interval but may vary slightly. The reason for this is I will be integrating a check into our regular approval function which will track the time since @sfr-treasury or @sfr-token-issue has last posted. If the time exceeds 24 hours, the next distribution cycle will kick off. This will eliminate the need to run a separate bot and process to maintain. (Currrently, we have 4 separate Python processes for SFR)

This next phase will involve testing SFR token transfers on the Steem Engine testnet which will generate a post. We have recently added the parent_created column to our database which was necessary so we should be ready to rock and roll.

I hope that is enough to hold you over until we get the token system rolling. Another idea that I am entertaining is created a Flag Radio program. I think we have a lot juicy drama day by day that could make for an interesting program. It'll be like a soap opera for abuse fighters. 😉

With that, I will close this out and switch gears to token testing. Have a great week!

Would you like to delegate to the Steem Flag Rewards project and promote decentralized moderation?

It's much more fashionable than self-voting.

Here are some handy delegation links!

50 SP 100 SP 500 SP 1000 SP

Also, here is my SteemAuto fanbase link if you would like to be one of my consistent supporters.

Series Backlinks

Sort:  

Hi @anthonyadavisii,

Another excellent post covering the key features and improvements of the Steem Flag Rewards program. The eye-roll emoji-based discovery is a personal favorite and completely understandable how that happens.

The exclusionary blacklist is likewise a great idea to prevent the anti-abuse initiative from being gamed by those who support it on the surface but actually mean to exploit it. If more projects remained cognizant of this possibility, they'd be better for it.

I'm looking forward to Flag Radio. I'm sure you'll never run out of material, particularly reading the long essays scammers write to either excuse themselves or to threaten those who caught them.

Your contribution has been evaluated according to Utopian policies and guidelines, as well as a predefined set of questions pertaining to the category.

To view those questions and the relevant answers related to your post, click here.

Thank you for your review, @guiltyparties! Keep up the good work!




I hope it doesn't make people leave steem 😉

Excellent job with the bot.

Good to see all this good work going on. It is appreciated. People do not realise how bad Steem could be without such efforts.

Thanks, @steevc.I'm thankful for the handful that do.

As time goes by, sure more people will begin to realize how much better Steem would be for all honest hardworking Steemians as we begin to tighten the clamp on abuse

Posted using Partiko Android

Hey, @anthonyadavisii!

Thanks for contributing on Utopian.
We’re already looking forward to your next contribution!

Get higher incentives and support Utopian.io!
Simply set @utopian.pay as a 5% (or higher) payout beneficiary on your contribution post (via SteemPlus or Steeditor).

Want to chat? Join us on Discord https://discord.gg/h52nFrV.

Vote for Utopian Witness!

Great update! The Admiral looks sharp.

Posted using Partiko iOS

Thanks! I'm thinking of ideas for his next transformation. Maybe full-on skull version. Oh I was also thinking @admiralbit instead of a 🦜 that he can have an 🦉 partner.

Could be the representation of @mathowl / @regularowl in the SFR fantasy universe. The owl would obviously be a math wiz. 😉

Posted using Partiko Android

Besides math we owl love puns :D @regularowl cookie votes

I wanna owl on my... I wish I had a shoulder or two.


The owls were called by @mathowl

Lol, Owls probably eat parrots. I like it!

Posted using Partiko iOS

Hi, @anthonyadavisii!

You just got a 13.88% upvote from SteemPlus!
To get higher upvotes, earn more SteemPlus Points (SPP). On your Steemit wallet, check your SPP balance and click on "How to earn SPP?" to find out all the ways to earn.
If you're not using SteemPlus yet, please check our last posts in here to see the many ways in which SteemPlus can improve your Steem experience on Steemit and Busy.

Hi @anthonyadavisii!

Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your UA account score is currently 4.793 which ranks you at #1406 across all Steem accounts.
Your rank has dropped 6 places in the last three days (old rank 1400).

In our last Algorithmic Curation Round, consisting of 192 contributions, your post is ranked at #47.

Evaluation of your UA score:
  • Some people are already following you, keep going!
  • The readers appreciate your great work!
  • Good user engagement!

Feel free to join our @steem-ua Discord server