Hello everyone, yesterday we organized AMA with Sebastian and he answered a lot of question about GnosisVPN. Watch Twittter or YouTube
I was surprised by the pushback this proposal has received. Have you watched the Gnosis HOPR AMA?
I’ve been following HOPR for a while and have been impressed by their development along with their transparency and communication with the public. @SCBuergel in particular.
I fully support this proposal. I also think $1.5m is overly reasonable. They could have justifiable asked for more.
I think your skepticism is healthy.
How much additional capital is estimated to be needed to advance from a proof-of-concept to a finished product/shipped browser extension? What about agreements for ongoing maintenance & support? I think we need to consider the full financial outlay it would take to make this dream a reality.
It’s true that these questions of funding and amount are important, so it could be a further discussion to say what the amount requested might be (a rough range?).
But I understand the desire and interest in making a VPN, especially with the GNOSIS brand.
With its transition, Gnosis wants to offer services and products with real utility and interest for the crypto community.
And I’m totally in line with this philosophy, so I can’t wait to find out more and see if this product can be developed to expand the Gnosis range of services/products
We deliberately did not ask for a large upfront sum with an upfront full-scale project plan because we do not want to fool GnosisDAO into thinking that such huge projects would ever work according to a non-agile multi-year development plan. Instead, we carefully considered what we are certain we can deliver within 9 months - and maybe we can go beyond that. So a next step depends on exactly how far we get, how the landscape looks like at that point in time and what reasonably makes sense to develop next and which target platforms, user groups and use cases should be tackled. Especially on the commercial questions we are very much looking forward to more discussions and feedback from the community at the time of the second proposal.
Since some questions in this direction came up I find it important to highlight that all work that we undertake at HOPR is free and open source with permissive licenses. As such, even the initial work that is already now ongoing to generalize RPCh to more general purpose usage, is already all in the open. So if HOPR does not deliver, is going over budget or ceases to align with the Gnosis ecosystem, there is absolutely nothing stopping another team from taking over the work that we did.
I wanted to also take the opportunity to highlight the decentralized nature of the HOPR network which shows another angle of alignment between HORP and Gnosis and which is a value proposition of onboarding HOPR node runners as Gnosis validators. We created this Dune Dashboard that highlights that there’s only 2 HOPR Safes with more than 10 connected HOPR nodes and only 10 run more than 1 HOPR node.
I think that is a significant difference from many other projects in the ecosystem in that HOPR nodes are operated by individuals and not professional node operating corporations. Many of HOPR nodes are running on DappNodes out of their operators’ homes, thanks to our partnership with and custom branded HOPR DappNode devices.
Thank you for your responses. I must express, however, my remaining scepticism.
Upon reviewing the codebase, the associated costs seem unjustifiable. Though I prefer to remain unnamed, I can evaluate this matter accurately.
I propose the following adjustments:
- The total cost should be reduced to $500,000
- Implement a milestone-based funding model, wherein funds are disbursed upon achieving specified benchmarks
Nevertheless, I anticipate that these suggestions may be overlooked, as this has been my experience with DAOs in the past, sadly.
Thanks for looking at our code - that’s what FOSS is about and I’d appreciate specific feedback. It would help me to respond to you if you made your criticism explicit. Are you saying “your code looks so poor that it’s not even worth the $1.5m of this first proposal” or “you basically did 90% of the work that’s needed for this first milestone of Gnosis VPN and only have like 3 man months of work left and hence $1.5m is too much”?
As outlined in detail in the OP, I absolutely agree with your notion of milestone-based payouts and that’s exactly what we suggest here in this proposal.
From my analysis today, it appears that the majority of the tasks associated with GnosisVPN have been successfully completed, with only minor discrepancies remaining.
- As you have mentioned in earlier comment, RPCh is already operational: GitHub - Rpc-h/RPCh: RPCh is the only private RPC provider. Uses HOPR under the hood.
- Deliverables 1.2 and 1.3 have been met (90% there), given that RPCh encompasses similar functionalities, albeit with different endpoints on the exit-nodes
- The RPCh code has been relabelled to GitHub - hoprnet/pHTTP-lib: p(rivate)HTTP library, which seems to represent the CORE code in RPCh
The remaining objectives include developing the front-end and enhancing the performance of HOPR, which I would argue the former is out of scope, but given Gnosis Ventures initiative, I find it acceptable.
I must apologize if my scrutiny seems excessive. However, I believe the funding requested exceeds the necessary amount. In line with the principles of DAOs and the ethos of cryptocurrency, we should adhere to the maxim: Don’t trust, verify.
Edit: Additionally, can you specify the milestones you are referring to? The proposal seems vague in that aspect. What is the value given to each deliverable? Or is the grant given up-front?
From my analysis today, it appears that the majority of the tasks associated with GnosisVPN have been successfully completed, with only minor discrepancies remaining.
Thanks again for digging into the code and the proposal this deeply - that’s something I rarely see in DAOs but as you mention, that is extremely valuable to ensure funds are not misappropriated.
As you have mentioned in earlier comment, RPCh is already operational: GitHub - Rpc-h/RPCh: RPCh is the only private RPC provider. Uses HOPR under the hood.
Correct, but that has almost nothing to do with the proposed work here.
Deliverables 1.2 and 1.3 have been met (90% there), given that RPCh encompasses similar functionalities, albeit with different endpoints on the exit-nodes
Generally, the intent of this work is to not just provide short-term gains and PoC, but actually a sustainable product development plan which seeks to bring Gnosis VPN as a viable product to a significant market - in line with the Gnosis 3.0 setup. That is important to understand as, indeed, we could make a quick & dirty first version of pHTTP and Gnosis VPN that would never be rolled out in production. But the goal here is actual product development. RPCh has comparatively tiny payloads compared to what you would typically utilize within the use of a web browsing setup.
Thus, the assumption of deliverables 1.2 and 1.3 being 90% there is incorrect. The current version that is in the repo which you also refer to in your next point is utilizing a relatively simple specific purpose solution built for the Ethereum RPC standard only. For example, the setup cannot handle websockets, additional HTTP header fields or other HTTP verbs. That means the entire architecture of this extremely opinionated and non-optimized form of the protocol needs to be overhauled from the ground up. That is deliverable 1.1 which then gets implemented in deliverable 1.2.
As the entry/exit node behavior changes with these additional requirements, entry and exit nodes also need to be reimplemented. This also needs to be tested wrt performance as I expect some large payloads to not get delivered within a timeout window. Beyond per-resource performance assessments, we also need to consider network-wide load assessments to judge which websites and services are in scope of the allow-listed first version of Gnosis VPN which is in scope of this proposal for the first PoC.
The RPCh code has been relabelled to GitHub - hoprnet/pHTTP-lib: p(rivate)HTTP library, which seems to represent the CORE code in RPCh
To be precise we started extracting and generalizing the core of RPCh which should present the basis for the Gnosis VPN work into a separate library. RPCh will become a user of that library, therefore this isn’t a simple re-branding and presents only the first step before we start re-designing and re-writing this for the much larger capabilities of Gnosis VPN compared to the specific purpose use case of RPCh.
The remaining objectives include developing the front-end and enhancing the performance of HOPR, which I would argue the former is out of scope, but given Gnosis Ventures initiative, I find it acceptable.
I don’t understand why a front-end - without which the proof of concept is entirely unusable for normal users - would be considered out of scope. We normally focus on making tech as approachable for end-users as possible and Gnosis does too.
Edit: Additionally, can you specify the milestones you are referring to?
The deliverables 1.1 - 1.5 culminating with a release of a proof-of-concept version of Gnosis VPN is the first milestone. Further milestones would be subject to an additional Gnosis DAO proposal.
What is the value given to each deliverable? Or is the grant given up-front?
We would prefer upfront payment.
Finally it is important to point out that this proposal is not a grant. Gnosis DAO is not just sponsoring product development work but is receiving a significant value worth of HORP tokens on top of the product development work.
As a noob, I would like to know what would be the implications of exit/entry nodes with people using the product with their already KYCed addresses on Gnosis Pay with this product?
I know the PoC is supposed to provide limited access to certain endpoints to help out with privacy. However, as all the people who have signed up for a Gnosis Card provided their KYC info to Fractal, and Gnosis Pay, and most probably Monavate also having access to this info as well, I am curious to get an insight on the implications of what a decentralized VPN network powered by HOPR node runners in terms of prejudicing the user’s privacy (especially if the node runner is using the same credentials/IP/or whatever you wish to call it is known by regulatory bodies or poor opsec by the node runner).
Would it pose a risk to the node runner as being KYCed, would it pose a risk to the user with a KYCed address, would it pose a risk to the entire network due to the failure of either?
EDIT: I do think we need a decentralized VPN solution and this is one of the proposals that got me excited on Gnosis 3.0/consumer product oriented roadmap!
That’s a very good - and non-noob - question! Let’s dissect it:
First of all, what are the implications for entry and exit nodes? Entry nodes see the end-to-end encrypted metadata of the traffic. So the entry node which is directly in contact with a user of course sees that user’s IP address and metadata such as the size of requests and reponses they send. The latter can be partially mitigated by sending data via multiple entry nodes. In fact, HOPR is designed to make the switching of routes very efficient, to provide decrease the necessary trust in individual entry nodes.
The exit node, on the other hand, has no way of knowing the user’s metadata, so specifically they don’t see the user’s IP address. But the exit node makes the actual requests and sends back the responses so that webserver sees the websites that are being accessed, but they don’t see from who, so the exit node does not see the IP address or other metadata and is specifically also not able to link individual requests to the same user.
Thus, if you are concerned about your KYC-ed identity being linked to your web-browsing activities, Gnosis VPN should be able to better protect you against de-anonymizing of your traffic than other means. The only exception is of course if the entire chain of nodes all collude (including entry and exit nodes and Gnosis Pay KYC providers) - but there’s really no system that could protect you against that.
I’m very happy to hear that Gnosis VPN makes you excited about the Gnosis 3.0 roadmap - we see the same!
Enthusiastically voted yes. Let’s do this!
I haven’t voted on this decision on snapshot yet, but I’d like to know: you say HOPR tokens at -30% discount.
But how many HOPR tokens are you going to sell to the Gnosis Dao at this rate? (Maybe it was mentioned but I must have missed it).
Hi, happy to clarify the amounts mentioned in the OP. The amount of HOPR tokens sold to Gnosis DAO equals $1.5m / (HoprPrice90dTWAP * 0.7)
. For the TWAP we created this Dune dashboard. The TWAP will run until end of the Snapshot proposal and will change a little bit - but at current values that would be approximately
1.5m / 0.108 * 0.7 = 19.84m HOPR
Thank you very much for this more detailed information!
Thank you everyone for the fruitful discussion and for all voters - the proposal has now been voted upon with 99.94% in favor on Snapshot page.
The Dune dashboard for the 90d HOPR TWAP has been updated with the end time of the end of the voting period and the final price is $0.111753491. Thus Gnosis DAO will purchase
1'500'000 / (0.111753491 * 0.7) = 19'174'856 HOPR
Congratulations! I’m excited to see how this project progresses.
For the record, the OTC deal will be executed through the following DAO address: eth:0x849d52316331967b6ff1198e5e32a0eb168d039d