Testing the new BU voting system

[solex]

@awemany has created a BUIP voting area for BU members to make this process cleaner, easier, more visible. This area will become part of our website but in the meantime it is a prototype in alpha mode.
http://89.248.161.25/voting/

For testing or general feedback please reply in this thread or raise an issue on github.com/awemany/buvweb.

 

[Bagatell]

Bad Request
Expected accept, reject or abstain, got 'ACCEPT'.

Wouldn't check boxes be better?

 

[awemany]

@Bagatell: The answers are all lower case. Having it like it is where you write it out explictly was
done on purpose: It makes it a lot less likely to select the wrong option.

If overall sentiment is that checkboxes are better, I'll change that.

Thank you for testing this!

 

[Norway]

I got this error message:

Bad Request
Signature validation failed ('bitcoin-unlimited-voting-test-data-without-relevance: 9acb93c3762c191d45b4a6621e22e77480519d5e3a98ce3ef5e457352571ce25 cast-proposal-ballot vote 59bcce288884333b77a01919a76bcc75e537e0e6ea3129ac2321e8f013a7d390 by norway answer (What do I write here? Is there a standard format? Like BUIP XXX YES)', IDh9mpjJmvzoXGCUDtKLsrOWWbbsA8fd/YnknKczVdDZR+jIF5/yLzs5StcDuD4Ius/KWbfshNXzkgIwEQB3AZs=, 13eS5t4WGGPSwFKRQYzCKcfWF6sfjN1Ka2).
[doublepost=1490531358][/doublepost]I then got this: error message:

Bad Request
Signature validation failed ('bitcoin-unlimited-voting-test-data-without-relevance: 9acb93c3762c191d45b4a6621e22e77480519d5e3a98ce3ef5e457352571ce25 cast-proposal-ballot vote 59bcce288884333b77a01919a76bcc75e537e0e6ea3129ac2321e8f013a7d390 by norway answer (reject)', H8kwPPbiShivNQaon9YCuIOXlVbmFq4u4mF0eyF6wTVBB84kFuF9o1xSdwgkOKN8c6H73hJ23Jb2qLLty9QbsSA=, 13eS5t4WGGPSwFKRQYzCKcfWF6sfjN1Ka2).
[doublepost=1490531487][/doublepost]What is the text I'm supposed to sign? It can't be just the text "reject", as it must have a relation to the BUIP I'm voting on.

 

[awemany]

Hey @Norway, first of all: Thanks for testing!

The text you are supposed to sign is the whole 'action string' line, like in your second example. It gives context to what you signed, so that it isn't just the string 'accept' that you sign, so it can't be used for a 'replay attack' anywhere else.

The answer is just 'accept', 'reject' or 'abstain'. The action-string is automatically prepared by some JS client code for the given item that you are voting on.

This is the text line that you would ctrl-C/-V into your offline signing tool.

I just tried manually, and I can't verify your message in the 2nd example either. You'd need to sign the whole line, in your example that would be:

"bitcoin-unlimited-voting-test-data-without-relevance: 9acb93c3762c191d45b4a6621e22e77480519d5e3a98ce3ef5e457352571ce25 cast-proposal-ballot vote 59bcce288884333b77a01919a76bcc75e537e0e6ea3129ac2321e8f013a7d390 by norway answer (reject)"

without the quotation marks. I hope that makes sense.

 

[Bagatell]

I had the same problems as @Norway - rename action-string as message?

 

[Norway]

@awemany
Thanks, seem to be working!

 

[awemany]

@Bagatell: Maybe. What do others think? Message is quite unspecific, maybe there would be something expressing the intent even better.

 

[Norway]

It should certainly be more intuitive, but this is a very early test of functionality, right?

 

[awemany]

@Norway: if you have specific ideas on how to make it more palatable, I am listening.

Yes, this is the first public test. My main goal is to make this usable enough for the next BUIP and membership vote.

However, "Nice interaction" is not as much a priority as making sure that the logic is sound.

That said, I was actually going to ask: @solex, can you have a look here:

https://github.com/awemany/buvweb/blob/master/vote_methods.py

And check the counting? Is that the logic we want to count votes on BUIPs and members with?

 

[Norway]

Ok @awemany , here's some feedback:

Front Page:
- Have a direct link to "Cast Ballot" (Or just "Vote") from the list on the front page.

"Cast Ballot" Page: (Vote Page is a better name.)
- Show a title and a short description of the BUIP
- Have a "More Info" link, with link to the whole BUIP.
- Select your user name from a drop down list.
- Don't show the "Vote hash", it's just confusing.
- 3 radio buttons (or other form of one unique selection) for Accept/Reject/Abstain
- Rename Action String to something like "Vote string to be signed. (Copy/paste into your signing device)"
- The text box for the Action String should be multiple lines so it's possible to see the wholde string.
- The same text box should always be empty unless both user name and vote option has been selected.
- Remove the option to provide the private key. Because it's not secure enough (even if the bitcoin address has a zero balance).

 

[adamstgbit]

Ballot option needs to be a pull down combo box.
and i had to guess and sign the "action string"
[doublepost=1490577372][/doublepost]i tried to submit a proposal with a big-ish image and i get the error

413 Request Entity Too Large

i thought that was funny!

edit: its probably fine, i guess we're supposed to upload a text document there...

 

[kyuupichan]

I'm used to signing messages. I don't see a message to sign. What I sign should include my vote, clearly, but nothing is updating.

 

[satoshis_sockpuppet]

@kyuupichan
As I'm not a member I can't try it out, but it looks like you have to fill out
[Author] with your member name
and
[Ballot option] with accept or reject
and then sign the [Action string] and paste the signature in [Signature]

 

[awemany]

@Norway: Thank you for the detailed feedback. Most of what you say makes total sense and I'll implement it.

Regarding the checkboxes, my idea was to make it explicit and I thought it is just too easy to click the wrong option. In any case it will make sense to add a text 'enter accept, reject or abstain here, lower case' or such next to that option. So far, there seems to be overwhelming support for checkboxes, so if that continues, I'll just make them checkboxes.

Regarding the online signing: That was a requirement as per the BUIP for the voting system. In any case, I'll leave a big fat warning there; I personally also won't do any online signing with my own tool. I also would like for someone to review the JS client code for security. Right now it is all served through MITMable HTTP, so you should refrain from using it now anyways. (and HTTPs is questionable security with all the not-really-trusted CAs...)

@adamstgbit: Yes, uploads are constrained in size. The limit plus the water-tight reasoning is written in here: https://github.com/awemany/buvweb/blob/master/config.py

@kyuupichan : As per the discussion on slack. I think it makes sense to make the parts that make up the vote string more clear on the vote page, which also seems to align with Norway's feedback on that.

 

[AdrianX]

This is very exciting. I was not able to vote or propose a new member for the flowing reasons:

UI feedback 1
Bitcoin Unlimited Voting - this page heading needs a link to why BU uses voting and how voting works and who can vote and how to become a member. This should be informative and proactively addressing the type of FUD that's been spread about BU.

___


UI feedback 2

As a user I need definitions of terms used - eg. on headings on the front page should be links to responsibility or definition: (by links a popup window would be good)

Current published proposals (what is) or (more info) (a link to a webpage that describe what a proposal is, how proposals are created and what criteria are required to have a proposal published )
the page should also have definitions for the headings
Author, File name, Metadata, Published? Vote? (each heading can have an alt text describing what each column is.)

Unpublished proposals (a link to what is an unpublished proposal, and what criteria are required to have an unpublished proposal listed, who can submit an unpublished proposal and alternatives for those who don't qualify.

Current members (a link to the definition of a current member - and the membership review process, and an explanation as to why BU have members, and the role members play in the development of BU.)

Member elections in progress (a link to a page describing the application and review process and the requirements to become a member.

Generic action entry (a link to a page describing what why and how)

Debug options (a link to a page describing what why and how)

___

UI feedback 3
when I click on the authors name under Current published proposals the page heading is Action - I don't know what this page is. I was expecting to see a link to the authors profile where I could as a reader review the authors public history, and confirm he was an active BU member. I don't understand what information is being presented. (I imagine a reporter doing research on a new proposal and wanting to understand who is punting this proposal forward and what it is about, first step is reviewing authors public conduct and reputation.)

UI feedback 4
when adding a new member from this page - http://89.248.161.25/voting/form/propose-member

missing Key - gives a
Bad Request
Signature or action string invalid.

The Bad Request - Signature or action string invalid page should have an explanation on the mechanical process of membership application and why you need to submit a public key and a signed message. (and a link to a bitco.in/forum page on how to publicly sign a message.)
___

1d3ePRadbB5xfkMjU7UFvxQ1CrVK5CUKE

___message
confused
___end message star sig.

H+2iFyc6LWPAu75deRb5Y2BJEC5DtDxdOlDxplMCWF48KEdA96FDy0yH7FNlXMuv51S8B572ILHf4zCVjyiZ5iw=
[doublepost=1490640051][/doublepost]

@Bagatell: The answers are all lower case. Having it like it is where you write it out explictly was
done on purpose: It makes it a lot less likely to select the wrong option.

If overall sentiment is that checkboxes are better, I'll change that.

Thank you for testing this!

I was initial thinking check boxes too, but I prefer the idea of writing the word is better - what to do needs to be obvious.

 

[AdrianX]

The answer is just 'accept', 'reject' or 'abstain'. The action-string is automatically prepared by some JS client code for the given item that you are voting on.

@awemany I like this syntax - I did not understand what to do, I will do better on the next review with more explicit instructions. (check moxes are intuitive but, I agree not advised)

A simple yes or no ballot has 5 legitimate responses.

1) 'accept'
2) 'reject'
3) 'abstain' (this is consenting to abstain)
4) 'spoil' (this is a protest vote - participating in rejecting all 3 options above eg. the framing of the proposal)
5) the act of abstaining without participating - ignoring (this doesn't count to the vote just counted somewhere to make sure a member stays active)

If you don't have the option to 'spoil' the act of soliciting a vote can be a manipulative act. The option to spoil is rejecting the framing or some other construct that is not accounted for in the voting process. - 'spoil' should be counted the same way as 'abstain', but if the spoil vote is more than 'accept', or 'reject' then the proposal should proceed as per the vote, but the result presented as complicated - and needing further clarification.

Here is a simple living example:
I support SegWit, but only on the condition that the Block Limit is removed before SegWit it activated.

The proposal: Incorporate the SegWit code into the Bitcoin Core implementation.
'accept',
'reject'
'abstain'
or ignore

So how can I vote to reject the framing, I want to support Segwit, But I want to reject it? an adversary has pushed this to a vote early to take advantage of some recent positive publicity. I am concerned that if my vote is a swing vote that it will have an undesirable result - killing the project or activating it prematurely, and by abstaining I am not able to communicate my desires either way.

I can vote reject, however I have made political commitments to accept as my reputation depends on it, so I cant reject this vote publicly without damaging my reputation.

I may have political responsibility to support my sponsors who have invested in my books and speaking engagements, so I feel I am not in a position to publicly push my view but I don't want to reject privately either, I want to reject the current framing.

This may not be the best example, but I am sure without a 'spoil' option the system can be explored by politicians in a similar way.
[doublepost=1490643974][/doublepost]

@Bagatell: Maybe. What do others think? Message is quite unspecific, maybe there would be something expressing the intent even better.

it needs an explanation or definition the word used is can be anything. I was a bit lost when it came to voting. ;-) I need an ELI6

 

[awemany]

Hey @AdrianX ,

thank you for your long and detailed review! I fully agree with your thoughts on making the user interface more clear. More info (within reason) doesn't harm, and doesn't cost anything except a couple extra electrons

I also agree with the suggestion with regards to making the the interface more clear. I also agree that the text on the voting - if it refers to BU as a whole - helps, however we probably need to sync with the new website there to then link to the relevant pages outside the voting system.

Note that the voting system is - as of now - a pretty independent plug-in component to the main website (a webservice), and to keep it maintainable, I like to keep it that way. It actually currently pulls in jquery etc. from the main site, but I am honestly wondering whether it wouldn't make sense to copy those parts as well, to keep testing of the code easier. Because right now you kind-of need a setup of the main site to run it locally.

It is a trade-off as I also want to share stuff like design so we can keep some kind of common visual identity as much as possible.

Regarding the 'spoil' option, in the physical world, that would be scribbling random stuff onto your vote and stuffing that into the ballot box? Do you have links that describe these five options and the rationale for them in more detail?

I still need to ponder about that and how the logic goes then.

Proposing for membership currently needs to go through the votemaster. I tried to mirror the current process there - as solex is currently the one making the membership BUIPs, I thought it would be appropriate if he (or the next president) will do the membership proposals.

Oh and: You and everyone is of course invited to also submit PRs on github

I'll go on vacation and do some other stuff the next couple weeks, so don't be discouraged if my response is slow.

 

[AdrianX]

Regarding the 'spoil' option, in the physical world, that would be scribbling random stuff onto your vote and stuffing that into the ballot box?

Yes, I don't have any references valid responses, the 5 are just the observes legitimate responses I could think of.

My history teacher presented the idea in high school that abstaining from a vote, voluntarily or involuntarily, was a form of complacence while spoiling a vote was a valid way of participation without projecting complacence.

@Justus Ranvier had a good argument as to why abstaining was a valid protest, in a democracy like the US, where you don't have a choice but to be a member. I think as membership in BU is voluntary, abstaining implies complacence and spoiling implies I don't agree with the chooses presented.

It would be good if we could vote in BU like we would in the real world.

 

[awemany]

It would be good if we could vote in BU like we would in the real world.

Fair enough. Given that members could spoil votes already (by submitting a string like 'meh' or 'spoil' to a BUIP vote), I'll add this.

But it would - except for being placed in a separate bin like abstain - do nothing except for counting as 'member has voted' regarding the expiry limit, right?