Contest proposal: Secure and handy tool for signing multisig transactions

Disclaimer
This is not a contest for drawing pictures or making some vector images. It’s a contest about designing user-friendly software solutions which will make the life of community members easier and simpler.

Short description
Community members use tonos-cli to sign transactions from multisig wallets. The idea of the contest is to simplify the procedure.

Type
Contest

Dates
December, 31, 2020 - January, 15, 23:59 UTC, 2021

Motivation
The judging process is very time consuming. When the winners are chosen there is a need to create a transaction from a multisig wallet and sign it by custodians to transfer prizes to the winners. Tonos-cli is a great tool but it takes time and effort and advanced technical skills to work with it, write commands etc. The idea of this contest is to offer multisig custodians handy tools that can speed up the process and make it more user-friendly.

General requirements
The submission can be any client and secure software: web dApp, application for PC/Mac/etc platform, browser extension, iOS or Android app. There are two major principles that should be considered while applying: security of master-phrase and friendly interface. The solution should give the users an option to create, see, check and sign a transaction from a multisig wallet in several clicks/taps.

Submission format and requirements

• Work should be submitted to the GitHub repository. The participant may use any GitHub account he/she wants to publish the repository
• Should have free software license
• To make the evaluation process faster, include a README file with instructions if needed
• Solution security analysis essay should be part of a submission
• Submissions with failing builds/tests/samples will be rejected

Evaluation criteria and winning conditions
Proposals will be judged strictly on the merit of their accuracy in addressing all requirements and completeness.

Only qualified proposals that meet all the required criteria will be considered.

The solution must be secure and as easy to install and interact with as possible.

Rewards
1 place………………….……….20 000 TON
2 place………………….……….15 000 TON
3 place………….……………….10 000 TON
4-5 place…………………………5 000 TON
6-10 place………………………1 000 TON

Note: If the number of winning submissions is less than the number of rewards available, any remaining rewards are not subject to distribution and are considered void.

Voting

• Jurors whose team(s) intend to participate in this contest by providing submissions lose their right to vote in this contest.
• Each juror will vote by rating each submission on a scale of 0 to 10 or can choose to reject it if it does not meet requirements, or they can choose to abstain from voting if they feel unqualified to judge.
• Jurors will provide feedback on your submissions.
• Duplicate, sub-par, incomplete, or inappropriate submissions will be rejected.

Jury rewards
An amount equal to 5% of the sum total of all total tokens actually awarded to winners of this contest will be divided equally between all jurors who vote and provide feedback. Both voting and feedback are mandatory in order to collect this reward.

Procedural remarks

• All submissions must be accessible for the jury to open and view, so please double-check your submission. If the submission is inaccessible or does not fit the criteria described, the submission may be rejected by jurors.
• Contestants must submit their work before the closing of the filing of applications. If not submitted on time, the submission will not count.
• All submissions must contain the contestant’s contact information, preferably a Telegram username by which jurors can verify that the submission belongs to the individual who submitted it. If not, your submission may be rejected.
• The content published in the forum and in the provided PDF file should not differ, except for formatting, otherwise, the submission may be rejected by jurors.
• If your submission has links to the work performed, the content of those links must have the contestant’s contact details, preferably a Telegram username so jurors can match it and verify who the work belongs to. If not, your submission may be rejected.
• The work must be uploaded to the PDF and any links can only be used as support for the submission, but that only the work in the PDF will be judged.
• If the number of participants is less than the amount of prizes available, the excess prize awards are void.

Multiple submissions

• Each contestant has the right to provide several submissions if they are all different from one another. If they are too similar, or in any way appear to be partially the same work done twice, or if they appear to be one whole body of work divided into parts to create several submissions, jurors have the right to reject such submissions.
• If the contestant wants to make an additional submission to replace a previously published submission, the contestant must inform the jury about this fact and indicate which submission is the one to be judged. In this case, only the indicated work will count. If the contestant fails to indicate which submission to judge, only the first submission made will count. The Jury will reject all others.

hm
My submission already done this summer

Secure - install on any $1 VPS without external IP

Hello. Good work thanks!

This is badly needed tool for work of all non-technical sub-governances.

Yes. We need that tool. Bright crypto–future should be convenient for everyone!

we already have https://push.money, which is opensourced (https://github.com/move-ton/msig-tool) and very convenient, made by @isheldon (maybe other guys too, but i only heard about it from @isheldon)

if you don’t trust websites, you can run it locally in your browser, it’s very simple.

what else do we need, fancy animations, material design?

do you people really think that spending SIXTY THOUSAND TONS when there is already a free, open-source, perfectly working tool, is a good idea?

Hello! Good, already in use

I only have one question: how is this contest related to web&design?

@MIchael_Kabanov Maybe you have answer to this question?
“how is this contest related to web&design?”

Yep, I do. It has been announced as one of the goals of the subgov - Free TON Web & Design Sub-Governance

Let me quote it for you:

The goal is to provide end users of websites, applications, articles and other information products with quality design, illustrations and navigation and further enhance digital user experience and effectiveness of information processing.

Официальное приглашение MIchael_Kabanov

Ok I saw that point. However the contest rules did not stipulate “appealing visuals”, “design” and “web”. It’s all about technical contest for the developers! There is nothing about visual or webdesign aspect!

I know that the technical solution was already developed by many teams.
And here is where my question originates from! Why is that contest nominated by the Web&Design??

There are much more relevant subgovs for this.

I’m not sure why are you asking me about other subgovs? You should address the question to them - why such a solution has never been run through a contest.

Again, re-read the quoted piece, we’re not here to develop (!) the tech, we’re here to make life of the user (!!) easier. Thus, nothing prevents our subgov to offer a draft, anybody can comment and add their ideas.

Im sure this contest totally doesnt belong to this subgovernance. This contest is for developers

How is it possible that the Web&Design jury members, who have particular area of expertise, would judge the technical contests for developers? Do you consider this normal?

In my opinion this is equivalent to the situation where the SMM subgov would organize the Ethereum bridge development contest, giving the motivation of this decision based on the fact that these are essentially social links and nobody else ever did this.

How do you use TON Surf? Are you a developer? How can you evaluate it? Have you seen the source code?

You’re posting on the forum built on Ruby - are you a Ruby developer? How can you judge if the forum is good or not?

Do you use smart contracts in analytics subgov? Did you write it? How good do you know Solidity?

I can go on for ages

Looks like the other initials don’t have balls to shut up this guy. This goes beyond all boundaries. I just want to puke from such a blatant cut. No wonder TON rates fall so fast…

Гребанное кумовство убьёт этот проект.

agree with you. main problem of free ton

I see a big problem in this proposal, because there is a word “secure” in the description of the tool, but security requirements in the proposal are very poor. Security analysis essay will say nothing about security of this tool. There must be at least security analysis executed by the qualified 3rd party for every submission. Who will be responsible for crystals loss by users due to vulnerabilities in software if there is no security audit? Why developers, who taking part in this contest will be interested in creating a secure tool? Anyone with a background in security knows that there is always a trade-off between security and usability, and this is a very complex task.

Such a comment - music for my ears. Thank you.

Yep, I’ve been talking to some guys here and there past several days about how we can go with the security part of these solutions.

It seems that the best way is to make a 2 staged contest: first part will be judged from the standpoint of users (how easy and fun is to use the tool). Winners with 6-10 places will get rewards when the voting is over.

Top 5 (TBD) solutions will go to the second stage - security validation by 3rd party. This stage can be carried out on web & design subgov (management only) or can go into e.g. DevEx subgov fully.
When the validation is done and solutions are secure, they receive rewards for Stage 1 (user experience) and rewards for the Stage 2 (TBD).

Such a model also introduces the collaboration of subgovs what is also a very cool thing.

What do you think?