The “last mile” is always the most difficult for me: dotting my i’s and crossing my t’s has never been a strength of mine, literally and figuratively. However, ease of administration and security are both crucial for adoptions by others and I must get both straightened out before the soft launch of Speech.is.
Earlier this week I spent my time breaking down the install of Speech.js into manageable parts and putting polish on the install process. I pulled the finished, host-able site into a sub-repo of Speech.js called spx. It’s a pop-up Speech.js install, so anyone can create their own, private .bit resolver that cannot be censored. It’s already very easy to install, just a few changes to some config files and you have a fully working website. I’m hoping to reduce the number of changes down to just one config file before launch and (eventually) make the entire thing automated, similar to a WordPress install.
I spent Wednesday and Thursday re-working the backend to make it less reliant on bubble-gum and monkey patching for structural integrity. I have been relying on a third party provider (Cloudant) to host the backend API. However, I’m getting error about cross-domain communications, there is no SSL between my server and theirs, and they will cost more money in the long run. I put in a request to sponsor the site but I’m not hopeful, they are busy being acquired by IBM and the red-tape will probably be too much. I should just use GreenQloud, whom has already offered to sponsor the bandwidth.
My task today was to install a new scraper to parse the Namecoin database into a CouchDB database. The virtual machine that this happens on is hidden from the outside world, with Namecoin being the only process accessible to the broader internet. The private CouchDB instance seeds the front-end databases (accessible from api.www.speech.is) via an internal, private network. Indeed, to access it, I must proxy into the internal network1.
Sadly, this requires yet-another refactoring of existing code. Most of my time on this project has been spent on node-namecoin, which is a jumble of 3.5 libraries. One of them someone has recently redone properly, I had adopted a Bitcoin node.js RPC library to Namecoin but it was a fairly rough job. Someone-else apparently had a similar need, saw my warnings of how hackish the library I created was and redid it properly, which is very cool!
Since I had to rebase my work on their library I went ahead and split the remaining 2.5 libraries into two additional repos:
- nmc.js a convenience library for the aforementioned node.js to Namecoin RPC bridge.
- nmc2couch a (hackish) script which scrapes the Namecoin blockchain using Namecoind’s RPC protocol and pushes the records into CouchDB. This will need a full rewrite in the future, after Namecoin proper finishes it’s own rebase to the Libcoin code base2. Libcoin will have hooks that can be used to update CouchDB directly, instead of just searching for new entries every ten minutes, which is how nmc2couch currently operates.
So far, nmc2couch launches and connects to the Namecoin software, but it doesn’t continue updating. Hopefully, I’ll be able to work out the bugs and deploy everything tomorrow. If that goes well, I will do a quick rewrite of the website and hopefully soft-launch next week.
In the long-run, even this won’t be good enough. The internal connections are not encrypted and thus it’s hard-candy security: hardshell on the outside, soft on the inside. The data must be encrypted as it goes into CouchDB. I have already scoped out how to do this and posted to the CouchDB mailing list as well as spoken to Namecoin developers about the implementation details. We even coined a term for the eventual security level we hope to achieve: NSARageQuit. This will require a post of it’s own but it involves wrapping the network communications in Tor and stashing the actual computer in an undisclosed bunker with some thermite. ãƒ„ ↩
It’s a tangled web, but essentially Libcoin is a more maintainable, refactored version of the core Bitcoin software which has also already implemented most of Namecoin. I actually jump-started the rebase as development on the main codebase had stagnated for nearly 2 years. ↩