
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
@boardroom/ideation
Advanced tools
The ideation forum package is an IDX package that should extend the basic comments functionality (RFC 001) such that all discussion leading up to eventual proposal submission is traceable to the the source and attributable to the original contributors (for retroactive treasury payouts, tips, etc.).
The flow of the Boardroom Hub should mirror the decision making process from ideation to proposal creation to execution and post-mortem/disclosures. This feature is focused on the first step of that pipeline: Ideation.
The current process is for stakeholders to post an idea on Discourse, bake the proposal through discussions with other forum members, and eventually either table the idea or submit a formal proposal onchain or as a Snapshot.
The problem with this setup is that the full line of reasoning gets lost between each stage of the pipeline. The ideation forum package is an IDX package that should extend the basic comments functionality such that all discussion leading up to eventual proposal submission is traceable to the the source and attributable to the original contributors (for retroactive treasury payouts, tips, etc.).
We may also want to enforce a time boundary during which an ideation thread can live, at then end of which and proposal is drawn up and submitted automatically to the appropriate snapshot space. The only problem with this is that the proposal author would always be a Boardroom account as opposed to those that actually participated in it. A easier middle ground may simply be to close further discussions on the thread after a certain time boundary, and the only action is to export the thread as the body of the Proposal Creation page for easy editting.
More or less the same idea as Proposal Comments, except we'll change the schema up a bit.
And we'll change up the seed, so for each space, we create a new seed hash from boardroom-${spacename}-ideation
as opposed to a single boardroomideation
space (as we did for proposal comments initially).
Property | Type | |
---|---|---|
id | ceramicDID | Ceramic Document Id |
author | string | Ethereum address of the submitter. |
signature | string | ECDSA signature of the post by author. |
space | string | The name of the Snapshot space. |
title | string | The name of the new ideation thread. |
body | string | The body of the new proposal in Markdown format. |
start | number | A start date/time expressed in Unix time format. |
end | number | An end date/time expressed in Unix time format. |
votes | Vote[] | Array of Vote s |
replies | Reply[] | Array of Reply s |
Property | Type | |
---|---|---|
id | ceramicDID | Ceramic Document Id |
author | string | Ethereum address of the submitter. |
direction | `up | down` |
score | string | BigNumber-ish snapshot score. |
postID | ceramicDID | DocID as foreign key for the Post . |
signature | string | ECDSA signature of the post by author. |
Property | Type | |
---|---|---|
id | ceramicDID | Ceramic Document Id |
author | string | Ethereum address of the submitter. |
score | string | BigNumber-ish snapshot score. |
postID | ceramicDID | DocID as foreign key for the Post . |
signature | string | ECDSA signature of the post by author. |
votes | Vote[] | Array of Vote s |
replies | Reply[] | Array of Reply s |
FAQs
signal weighted ideation ranking
The npm package @boardroom/ideation receives a total of 2 weekly downloads. As such, @boardroom/ideation popularity was classified as not popular.
We found that @boardroom/ideation demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.