Secure implementation of automated payments in NEM related webapps and services

After the release there will be more developers wanting to develop NEM based services and applications,
therefore I think they will ask the same or similar questions that I have now.
I've opened this thread to discuss them here.


One thing that a big part of these applications or services will need is to interact with the NEM
blockchain and to do payments based on some sort of calculation or based on information taken from the blockchain.

As NEM (NIS, NCC) is implemented with security in mind with
- delegated harvesting
- password protected wallet files
- multisignature feature
- and now even 2FC "factor confirmation" is planned

I think it is also important that the ecosystem around NEM is built with security in mind to avoid the common problems known to us (hacking, DDoS attacks, theft of private keys or coins...).

The developers that will build applications will need to know how to use all these features available in NEM correctly.

I'll give here a simple example and I hope somebody will give some advice and guidelines.


Assume there is an application (web based service) written in any
programming/scripting language that interacts with NIS or NCC.
This web service needs to:
A) collect data from the NEM blockchain
B) perform some calculation or data evaluation on the information collected from the blockchain
C) send automated payments based on some predefined rules and the data evaluation from step B)

Issues
1) Secure hosting:
What would be the best hosting setup to improve security?!

a) is it ok to host the application and (NIS / NCC) on the same server?
b) is it better to host the application on one server and the NIS-NCC node on another server?
c) what kind of servers should that be?
d) are VPS secure enough?

example of server configurations
[code]
legend:
[] = server
==>, <==, <==> = communication direction
app = custom web service application
****************************************

examples using NCC and NIS:

server 1
[app <==> NCC <==> NIS]

server 1 server 2
[app <==> NCC] <===> [NIS]

server 1 server 2
[app] <=============> [NCC <===> NIS]

examples using only NIS:

server 1
[app <==> NIS]

server 1 server 2
[app] <=============> [NIS]
[/code]

According to your experience, what would be the best or a secure enough server setup
for an application that needs to have an automated payment service?


2) block chain information integrity and data evaluation:

As the application needs to collect data from the NEM blockchain
it needs to access a local or remote NIS or NCC.
The problem here is that NIS could end up on a fork and therefore the collected information
will not be the actual data, which means that the payment processing will be done based on false information.

Are there any methods to avoid such an issue?
If so, what would be the best method?
How to know the collected data is valid?!


3) secure automated payment process:
Assuming that the issues 1 and 2 are resolved we are now faced with the 3rd problem
how to implement the automated payment process workflow in a secure way.

The application needs to access a local or remote NIS
by sending the transaction information with the wallet password or private key
to execute the transaction, similar to the SPAM bots that are/were used
to test the latest NEM beta.

The question is how can the multisig features implemented in NEM
help us to make this workflow secure?

Any ideas and suggestions are welcome.


NEM is a platform created with security in mind, let's use
its features in a proper way the best we can.

Thank you.

Good writing.


1) Secure hosting:


My best practice recommendation:
server 1           server 2
[app <==> NCC] <===> [NIS]

Reasons:
NIS is isolated and can be put in the DMZ of a service.
app/NCC becomes a warm/cold application that is outside the radar of hackers. It can even be a tunnel in VPN through another firewall for almost complete obscurity.


2) block chain information integrity and data evaluation:


Have a block chain multi explorer configuration set up and use a comparator to confirm block chain forking issues.


3) secure automated payment process:


This has to be done on a case by case basis. My approach will be to have multi-sig using 2) above separately to verify the request to sign off. Also, to implement an auto-signing app to sign the transaction separately and independently of each other. In other words, say you have 3 signatories. An independent app will raise a payment to be made but have no authority to sign. The 3 signatories on receiving a request to sign off will need to establish the request independently of each other and sign it upon verifying that the request is genuine.

To establish a method of genuine request, it very much depends on the operational and workflow requirements of the project or business.

The great thing about NEM's platform is, we have all these flexibilities that many cryptos do not have. This makes our solution simple to implement and takes away rocket science from us. This is web architecture in cryptoland! What this means is, if we want to develop a coinbase equivalent in NEM, 80% of that work is already in NEM. 20% is the UX/UI. Hence there is no real need for a coinbase in NEM other than the UX and UI work (well, that is simply said, but any other customisation is minimal work). Everyone can have his or her own coinbase if the UX/UI is freely available in NEMsphere. Liken this to what the cryptoland is always singing about - everyone with a crypto wallet has her own bank account and she doesn't need a bank account - everyone in NEMland doesn't need a coinbase account as she has her own "NEMbase" account. :wink:

After the release there will be more developers wanting to develop NEM based services and applications...


Well...let's hope so :)


...
1) Secure hosting:
What would be the best hosting setup to improve security?!

a) is it ok to host the application and (NIS / NCC) on the same server?
b) is it better to host the application on one server and the NIS-NCC node on another server?
c) what kind of servers should that be?
d) are VPS secure enough?

example of server configurations
[code]
legend:
[] = server
==>, <==, <==> = communication direction 
app = custom web service application
****************************************

examples using NCC and NIS:

server 1
[app <==> NCC <==> NIS]

server 1 server 2
[app <==> NCC] <===> [NIS]

server 1 server 2
[app] <=============> [NCC <===> NIS]

examples using only NIS:

server 1
[app <==> NIS]

server 1 server 2
[app] <=============> [NIS]
[/code]

According to your experience, what would be the best or a secure enough server setup
for an application that needs to have an automated payment service?


I don't see any reason for an app to use NCC. NIS should provide all the data necessary. NCC would just be an unnecessary extra layer. NCC is getting its data from NIS, so they have to be accessible there somewhere :)
Unless of course you're doing stuff with wallets or whatever. The NCC can prob do some work for you.
I haven't actually used NCC yet so I don't know much about its API.

As for hosting:
Any VPS should do. Set it up securely (use a firewall, change standard ports, ...).
If the VPS allows, run both app and NIS on one VPS. I see no real reason for separation but it will depend on what exactly the app does and if your VPS can handle it. NEMEBEX has been running in both setups (separated and local) and both have worked fine so it's really a question of the exact use case. Both will work though.



2) block chain information integrity and data evaluation:

As the application needs to collect data from the NEM blockchain
it needs to access a local or remote NIS or NCC.
The problem here is that NIS could end up on a fork and therefore the collected information
will not be the actual data, which means that the payment processing will be done based on false information.

Are there any methods to avoid such an issue?
If so, what would be the best method?
How to know the collected data is valid?!


Wait for some confirmations before acting on data. NIS shouldn't be on a fork for very long (if it is something is majorly wrong).
You could also use multiple NIS to verify data.



3) secure automated payment process:
Assuming that the issues 1 and 2 are resolved we are now faced with the 3rd problem
how to implement the automated payment process workflow in a secure way.

The application needs to access a local or remote NIS
by sending the transaction information with the wallet password or private key
to execute the transaction, similar to the SPAM bots that are/were used
to test the latest NEM beta.

The question is how can the multisig features implemented in NEM
help us to make this workflow secure?

Any ideas and suggestions are welcome.


NEM is a platform created with security in mind, let's use
its features in a proper way the best we can.

Thank you.


You'd have to define what exactly an automated payment process is in this context. Just making payments when some event happens ?
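The "wait for confirmations" and "use multiple NIS to verify data" advice above, and Rockethead's comparator idea from point 2, combined into one check. This is an added example, not code from the thread or from NEM itself; the node data is constructed inline in the shape of what NIS `/chain/height` and `/block/at/public` return, so nothing is fetched over the network.

```python
# Added example (not from the thread): accept a NEM transaction only when
# several independent NIS nodes agree on the block hash at the transaction's
# height AND the chain has grown past that block by enough confirmations.

CONFIRMATIONS_REQUIRED = 10  # depth suggested in the thread; tune per use case

# Constructed sample data standing in for three NIS nodes. "height" mirrors a
# /chain/height reply, "blocks" maps height -> block hash as /block/at/public
# would give it (hashes shortened for readability). nis-c sees a different
# block at height 1031, i.e. it is on a fork.
NODES = {
    "nis-a": {"height": 1042, "blocks": {1030: "aa11", 1031: "bb22"}},
    "nis-b": {"height": 1041, "blocks": {1030: "aa11", 1031: "bb22"}},
    "nis-c": {"height": 1043, "blocks": {1030: "aa11", 1031: "cc33"}},
}


def confirmations(node_height, tx_height):
    """Blocks on top of the transaction's block, counting that block itself."""
    return node_height - tx_height + 1


def nodes_agree(nodes, height):
    """Return the single block hash every node reports at `height`, or None
    when any node disagrees or has no block there (a fork or a lagging node)."""
    hashes = {n["blocks"].get(height) for n in nodes.values()}
    if len(hashes) != 1 or None in hashes:
        return None
    return hashes.pop()


def accept_transaction(nodes, tx_height, required=CONFIRMATIONS_REQUIRED):
    """Decide whether a transaction included at `tx_height` is safe to act on.
    Confirmation depth is taken from the lowest node height, so one node that
    is ahead of the others cannot inflate the count on its own."""
    block_hash = nodes_agree(nodes, tx_height)
    if block_hash is None:
        return False, "nodes disagree on block hash at height %d" % tx_height
    depth = min(confirmations(n["height"], tx_height) for n in nodes.values())
    if depth < required:
        return False, "only %d of %d confirmations" % (depth, required)
    return True, block_hash


if __name__ == "__main__":
    print(accept_transaction(NODES, 1030))  # all nodes agree, 12 deep
    print(accept_transaction(NODES, 1031))  # nis-c on a fork: rejected
```

A payment bot would poll its own node set for the incoming transaction's height and call `accept_transaction` before step C of the original post runs.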

@Rockethead, @patmast3r
thanks for your useful advice.
I will reply to both of you in a single post.

@Rockethead:
From the way you suggest to do the things
the requirements from the infrastructure side seem a little bit high.
I suppose that handling points 2 + 3
2) block chain information integrity and data evaluation
Have a block chain multi explorer configuration set up and use a comparator to confirm block chain forking issues.
would require multiple VPS servers where NIS is installed + the signer app.

so if I understood you well your configuration will look something like this:

[code]
legend:

cmp = comparator application
exp = custom block chain explorer
app = main app to do automatic payments
[]  = server

 MAIN SERVER
 [ (app <==> cmp) <==> NCC] <==> [NIS]


(signer 1)    (signer 2)    (signer 3)
[exp <==> NIS] [exp <==> NIS] [exp <==> NIS]
[/code]

the "cmp" from the main server connects to the signers to get information about the
block and compares the info, and if the info is OK the app can then send the
transaction, which is then signed by the signers.

Did I understand correctly your setup or I have overcomplicated here?! :slight_smile:

@patmast3r:

on point 1)
Well, NCC gives out some data that NIS does not,
for example a transaction # (hash) is not available directly from NIS.
I have asked gimre if it is somehow possible to get the transaction # from NIS
but he replied that this value can only be calculated from the data in NIS
and that the procedure is a little bit complicated, so I did not investigate further
on that matter.

Maybe you also know how to do it or you have some routine written in python already?! :wink:

on point 2)
I understand that before accepting a transaction as valid there is a need to wait for some confirmations,
but what do you think would be the best (optimal) number of confirmations to wait for?

on point 3)
An automated payment is a payment that occurs automatically after some period of time
when some rules (conditions) are fulfilled.
For example the payment (outgoing transaction) can be based on previous
incoming transactions (XEM transfer or messaging).
I have put here a simple example but this could be expanded to a lot of use cases.


on point 2)
I understand that before accepting a transaction as valid there is a need to wait for some confirmations,
but what do you think would be the best (optimal) number of confirmations to wait for?

on point 3)
An automated payment is a payment that occurs automatically after some period of time
when some rules (conditions) are fulfilled.
For example the payment (outgoing transaction) can be based on previous
incoming transactions (XEM transfer or messaging).
I have put here a simple example but this could be expanded to a lot of use cases.


Best answered by the devs but I think 10 confirmations should be fine. Theoretically you'd have to wait...i think 360 (again best answered by the devs since it might have changed)...because that is the rewrite limit but that would be a very very unusual case and most likely something is wrong with the network.

That sounds like what CIYAM is trying to get implemented in BTC clones. It should also be possible with smart contracts. At some point NEM should have this but not in a centralized form on top of the protocol but inside the protocol.
Building it could be a good learning experience and good for gathering use cases that actually matter (Often something sounds cool and awesome and when it's done people are like "Okay, and wtf do I use it for ?").