NESTS - Named Entities in Simple Tiered Spaces

simple Web interface

This document describes a very simple Web interface for NESTS users having different privilege levels.

NB, this document was created after the description of the CLI functions, a document with which it is co-evolving.

Therefore expect to find inconsistencies and omissions, especially in the numbering of the footnotes.

The first stable version is expected to be available soon.

This is currently intended to provide only a very limited set of functions, sufficient to meet the needs of an open money implementation but not initially to meet the requirements of open measures.

Three classes of user are accommodated here, each having a different level of access privilege:

  1. Unregistered visitor

    The user does not yet have a primary identity 1 so needs to create one.

    It is likely that the unregistered user will have reached a registration page by invitation, probably by scanning a QR code in which are encoded

  2. Registered user

    The user has a primary identity 1 already. This user may also have one or more secondary identities (aliases). Any of these may be used to log in using the same access credentials as the primary identity.

    Such a user will have at least one account 5 and may hold many 6.

  3. Steward

    Any user becomes a steward once having been authorized to create an entity (whether a secondary identity, an account, a currency or a child namespace). That authorization comes from the steward(s) 7 of the namespace enclosing the new entity and they/it can suspend or revoke such authorization.

    The stewards of root namespaces do not have higher access privileges than any other stewards. Any privileges they do have arise only from their relative position in the ancestral tree 8.

System administration ("superuser") access is provided only through the NESTS CLI.

Notes:

  1. Once a primary identity has been registered, any number of secondary identities (aliases) may be linked to it and any of these may be used to log into an access node.

  2. currency

  3. preferred

  4. user - possibly a merchant or a currency's steward

  5. account

  6. number of accounts

  7. stewards

  8. relative position in the ancestral tree

  9. The initial implementation is written in Python (Flask).

  10. The steward(s) of each namespace can choose whether the default policy is

    • permissive - authorizing immediate creation of a new entity in that namespace and revoking the authorization when a need arises
    or
    • restrictive - authorizing creation of any new entity in that namespace only after a request has been received and subsequently revoking the authorization when necessary.

    The policy can be configured differently for each entity. For example, it might present too great an oversight burden to require explicit authorization from the steward(s) of that namespace each time a secondary identity, an account or a currency is created there.

    On the other hand, the creation of child namespaces requires more sensitivity to the needs of others, especially where assigned to a geographical equivalence (which may be a genuine needs case for some form of regional governance collective).

    Furthermore, authorization of the creation of a new account must also come from a steward of the associated currency. Therefore a sensible default policy might be

    • permissive authorization from the namespace steward(s)
    • restrictive authorization from the currency steward(s)



Table 1: Page contents and transitions (incomplete and in progress)

This table lists the operations available through the NESTS simple Web interface at each user privilege level.

These include commands for the creation of a secondary identity, account, currency or namespace - each involving an implicit request to the stewards of that entity's parent namespace or, for an account, the stewards of the associated currency. Upon authorization, the user issuing such a request becomes the steward of that new entity. Therefore the only distinction between a steward and any other user (identity-holder) lies in the hierarchy of the namespaces.

Within the domain of entities over which they hold stewardship, users have additional commands available. Furthermore, the domain of currency stewards differs from that of namespace stewards.

form field required | available to | development priority | longer term enhancement
anyone not logged in | primary identity | secondary identity | namespace steward | currency steward
page | form field | button associated with form field | displayed links, notes or data set (table or graph)
entrance This is the main landing page for
  • unregistered visitors not following an invitation link
  • registered users returning to log in or recover login credentials
  • visitors driven here by curiosity
log in 1 * *
recover login credentials 2 * *
register 3 * *
resources * *
Contextual help help * *
login [identity] 4 This login process requires a strong password2 (which a browser can remember) and a small subset of a PIN (which a browser cannot remember but a human can easily). * * * *
[password] 5 * * *
[PIN subset] 5 * * *
LOG IN recover login credentials * *
Contextual help help * *
recover login [identity | email] * * * *
SEND RECOVERY LINK * *
create new login credentials
[primary identity] * * * *
[new password] 5 * * *
[new PIN] 5 * * *
NEW LOGIN DETAILS * *
Contextual help help * *
registration [username] 6 GENERATE 6 * * *
[namespace] 7 RESTORE INVITATION 7 * * *
[country] 8 This field determines location-specific actions. 8 (*) *
[county] 9

The set of fields displayed here will depend upon the country selected above 8, in increasing order of geographical resolution. The examples given here are for the UK.

These fields are displayed only if the country has been identified.

* *
[town/city] 9 * *
[village/neighbourhood] 9 * *
[building number] 9 * *
[building name] 9 * *
[flat number] 9 * *
[room number] 9 * *
[postal code] 9, 10 Country-specific format and name 10. * *
[grid reference] 11, 12 Geolocation details, where provided, may have a number of uses 11. *
[Open Location Code] 11, 13 *
[UTM coordinate] 11, 14 *
[email address 1] 15 * *
[email address 2] 15 * *
[mobile number 1] 15, 16 * * *
[mobile number 2] 15, 16 * * *
[recovery answer 1] 17 RANDOM QUESTION 17 Recovery question * *
[recovery answer 2] 17 RANDOM QUESTION 17 Recovery question * *
[password] 2 GENERATE 18 * * *
[PIN] 3 GENERATE 18 * * *
[SSH public key] 19 * * *
REGISTER IDENTITY 20 cancel * *
home Return to the entrance screen log out * * * * *
Make a payment, either to a known account 21 or to a known identity 24. payment to known account * * * * *
payment to known identity * * * * *
The entities belonging to, or stewarded by, this identity can all be managed from here. manage accounts * * * * *
manage identities * * *
manage currencies * *
manage namespaces * *
Edit primary account details edit account details * * * * *
Additional resources resources available * * * * *
Contextual help help * * * * *
make a payment to a known account
[payee account] 21 The PAY button is displayed only if this identity has an account in the same currency as the payee account. * * * * * *
[payment amount] 22 * * * * * *
PAY 23 cancel * * * * *
make a payment to a known identity
[payee identity] 24 * * * * * *
[payment 1 amount] 22, 25

If the payee's identity (whether primary or secondary) is known, the currencies in which they both have an account can be identified. A payment box is created for each of these currencies (the account for each being identified from the unique combination of identity and currency). 25, 26

* * * * *
[payment 2 amount] 22, 25 * * * * *
      :
[payment N amount] 22, 25 * * * * *
PAY 23, 26 cancel * * * * *
manage own identities

The primary identity and all associated secondary identities are listed here.

Clicking on any identity brings up a page to manage that specific identity.

primary identity 27 * * * * *
secondary identity 1 28 * * * * *
secondary identity 2 28 * * * * *
      :
secondary identity N 28 * * * * *
29 create a secondary identity 29 * * * * *

Return to login landing page.

home * * * * *
log out 5 * * * * *
Contextual help help * * * * *
manage one of the identities

Manage this identity's accounts 30.

manage accounts * * * * *

Manage this identity's currencies 31.

manage currencies * * * * *

Manage this identity's namespaces 32.

manage namespaces * * * * *

Switch to this identity 33.

adopt this identity * * * * *

Switch to primary identity 33, 34.

adopt primary identity * * * * *

Modify this identity 35.

modify identity * * * * *

Request deletion (archiving) of this identity 35, 36.

delete identity * * * * *

Return to list of identities 37.

manage identities * * * * *

Return to login landing page.

home * * * * *
log out 5 * * * * *
Contextual help help * * * * *
create a new secondary identity
[identity name] * * * * * *
[namespace] * * * * * *
create identity * * * * * *
Return to previous page manage identities * * * * * *
Contextual help help * * * * *
manage own accounts

Clicking on any account brings up a page to manage that specific account.

account 1 * * * * *
account 2 * * * * *
      : * * * * *
account N * * * * *
create new account * * * * *
manage accounts * * * * *

Return to login landing page.

home * * * * *
log out 5 * * * * *
Contextual help help * * * * *
manage an account

Export/backup this account (CSV) 200.

export account * * * * *

Request restoration of account from CSV file 200.

restore account * * * * *

Rename this account.

rename account * * * * *

Move account to a different namespace.

move account * * * * *

Transfer account to another identity.

transfer account * * * * *

Delete (archive) this account.

delete account * * * * *
return to list accounts * * * * *

Return to login landing page.

home * * * * *
log out 5 * * * * *
Contextual help help * * * * *
create a new account
[account name] * * * * * *
[account namespace] * * * * * *
[currency] * * * * * *
create account * * * * * *
Return to previous page manage accounts * * * * * *
Contextual help help * * * * *
manage own currencies

Clicking on any currency brings up a page to manage that specific currency.

currency 1 * *
currency 2 * *
      :
currency N * *
create new currency * * * * *

Return to login landing page.

home * * * * *
log out 5 * * * * *
Contextual help help * * * * *
manage a currency

Export a snapshot of currency (CSV) 300.

export currency * *

Import full account set of currency (CSV) 300.

import currency * *

Rename this currency.

rename currency * *

Move currency to a different namespace.

move currency * *

Transfer currency to another identity.

transfer currency * *

Delete (archive) this currency.

delete currency * *
return to manage currencies * *

Return to login landing page.

home * *
log out 5 * * * * *
Contextual help help * * * * *
create a new currency
[currency name] * * * * * *
[currency namespace] * * * * * *
[currency prototype] * * * * * *
create currency * * * * * *
Return to previous page manage currencies * * * * * *
Contextual help help * * * * *
manage own namespaces

Clicking on any namespace brings up a page to manage that specific namespace.

namespace 1 * *
namespace 2 * *
      :
namespace N * *
create new namespace * * * * *

Return to login landing page.

home * * * * *
log out 5 * * * * *
Contextual help help * * * * *
manage a namespace

Rename this namespace.

rename namespace * *

Move namespace into a different namespace.

move namespace * *

Transfer namespace to another namespace.

transfer namespace * *

Delete (archive) this namespace.

delete namespace * *
return to manage namespace * * * * *

Return to login landing page.

home * * * * *
log out 5 * * * * *
Contextual help help * * * * *
create a new namespace
[namespace name] * * * * * *
[containing namespace] * * * * * *
create namespace * * * * * *
Return to previous page manage namespaces * * * * * *
Contextual help help * * * * *

Notes for Table 1

  1. Login

  2. Recover

  3. Register

  4. This may be either a primary identity or a secondary identity, including the full namespace path.

  5. The password will have been entered or generated at the time of registration, or subsequently updated, and will normally be remembered by the user's browser. Therefore it can be very long, very random and very difficult to guess.

    A subset of a memorable, variable-length PIN is used. The PIN might be between 6 and 10 digits in length, and the user will be presented with a request to enter a subset of the digits (maybe 3 or 4), identified by their ordinal positions.

  6. The primary identity is unique within the namespace within which it is registered. The availability of that name within the selected namespace will be checked automatically when the form is submitted. Alternatively, the user may choose to have a unique name generated automatically.
  7. The namespace field will generally be pre-filled from an invitation link. The user may choose to register in a different namespace (where permitted by its stewards), but where a namespace has been suggested in an invitation link this may be recovered before the form is submitted.
  8. If entered, the country autocompletes from an internal list. The specific list used can be identified internally from the UTF-8 character subset used to fill this field.

    This field may also be pre-filled by identifying the country from the TLD of the NESTS hub through which this is accessed.

    For a typical open money installation, this may be a required field where the currency is one of the class metrically equivalent to legal tender because it indicates the taxation applicable.

  9. The set of fields displayed here will depend upon the country selected above, in increasing order of geographical resolution. The examples given here are for the UK.

    These fields are displayed only if the country has been identified.

    In a typical open money installation, these fields will probably be disabled. However, they remain available for where needed/useful.

  10. Postal code formats differ greatly between countries but all can be validated using a regular expression selected for the country identified above.

  11. Geolocation details, where provided, help in the identification of optimally local resources.

    They may also be helpful in the calculation or measurement of resource flow efficiencies, etc.

    Three examples are given here (notes 12, 13 and 14) but other options exist.

  12. The grid reference system is very familiar to most users.

  13. The Open Location Code.

  14. The Universal Transverse Mercator coordinate system.

  15. Although these are all optional fields, at least one is required to recover lost or forgotten login credentials. Therefore it is strongly recommended that at least one email address should be provided.

    In a typical open money installation, the email address(es) will not be stored. Instead, a cryptographic hash of the email address(es) will be stored simply to enable verification of the one provided by the user to recover login access, that being discarded as soon as the recovery login message has been sent.

  16. If using SMS for login recovery, the responsibility will lie with the user to send the displayed recovery code (otherwise the NESTS hub would have to bear the SMS charge).

    The mobile number stored here will be used only to validate the sender so is stored internally as a cryptographic hash.

  17. Two Q:A pairs are used to supplement the recovery process. Questions might include such typical examples as:

    • What was the nearest city to your place of birth?
    • What was the name of your first pet?
    • What were the make and model of the first car you owned?
    • What date is most important to you?
    • What is your favourite film?
    • Who is your favourite musician?
    • What is your favourite book?
    • Who is your favourite author?

    A hashed version of the answer will be stored, so the recovery answer must match exactly.

    A question is chosen at random each time the [GENERATE QUESTION] button is clicked.

  18. A suitably random value can be generated automatically.

  19. The SSH public key is used only to provide access to the CLI. Most users will probably not have a use for this, and the stewards of most namespaces may choose not to enable this for identities they contain.

  20. Whether registration happens immediately will depend on the policy configured by the stewards of the namespace in which the primary identity is registered.

  21. The payee identifies the currency.

  22. A payment value is always positive and payment is the only transaction type available for an open money currency.

    Other transaction types will be added in due course, with capabilities appropriate to each currency type.

  23. Payment 23 is possible only if the current identity has an account in the same currency, and that account will be identified from the currency.

  24. Where the payee's identity is known, this can be used to identify a set of accounts. Only the subset of accounts in which both the payee's identity and the payer's (current) identity share a currency will be displayed. This may be an empty set.

  25. These currencies may not all be of the same base type. The validity of the format for each will be checked.

  26. The transaction will be executed if and only if each of the values entered is valid for its currency type.

  27. The primary identity is always visible here. Initially, this will be the only identity.

  28. There is no fixed limit to the number of secondary identities that may be linked to a primary identity. The practical limit depends upon a number of factors including the capacity of the host.

  29. A new secondary identity may be created immediately within a namespace under the stewardship of the current identity.

    A new secondary identity may be created within a namespace under a different stewardship. If that other stewardship has configured a policy to allow immediate creation of entities by default, then this will occur immediately. Otherwise the request will be queued and the stewards of that namespace will be alerted automatically. A prompt response cannot be guaranteed, however.

  30. accounts

  31. currencies

  32. namespaces

  33. A user may switch to using any of its other identities at any time. From that point onwards, all operations will relate to that identity until the user switches to another identity or logs out.

  34. This is simply a shortcut to avoid returning to the previous page in order to revert to the primary identity.

  35. The extent to which any identity can be modified depends upon the policies configured by the stewards of the namespaces in which it is contained or registered.

    In most cases, such operations as renaming, relocation and deletion will probably be disabled by default. In any case, such operations will not be available in early versions of the software.

  36. In cases where deletion of an entity is permitted, the entity will be archived rather than destroyed.

  37. This simply returns the user to the previous screen, preserving the identity currently adopted.
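
The PIN-subset login check of note 5, as an added example in Python (the language the first list of notes gives for the initial implementation); it is not NESTS code. The names SERVER_KEY, MAX_FAILURES, enrol_pin, new_challenge and verify_subset, the per-position keyed tags and the lockout threshold are all assumptions.

```python
import hashlib
import hmac
import secrets

# Assumption: a secret held by the application, outside the credential store.
# Each digit has only ten possible values, so an unkeyed per-digit hash could
# be reversed by anyone able to read the stored record.
SERVER_KEY = secrets.token_bytes(32)
MAX_FAILURES = 5  # assumed lockout threshold
_rng = secrets.SystemRandom()


def digit_tag(salt: bytes, position: int, digit: str) -> bytes:
    """Keyed tag binding one digit to its 1-based position and the user's salt."""
    msg = salt + bytes([position]) + digit.encode("ascii")
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()


def enrol_pin(pin: str) -> dict:
    """Build the stored record for a 6 to 10 digit PIN; the PIN is not kept."""
    if not (pin.isascii() and pin.isdigit() and 6 <= len(pin) <= 10):
        raise ValueError("PIN must be 6 to 10 ASCII digits")
    salt = secrets.token_bytes(16)
    tags = [digit_tag(salt, i, d) for i, d in enumerate(pin, start=1)]
    return {"salt": salt, "tags": tags, "failures": 0, "pending": None}


def new_challenge(record: dict, count: int = 3) -> list:
    """Return the positions to ask for. A pending challenge is reused, so
    reloading the login page cannot re-roll it towards digits already known."""
    if record["pending"] is None:
        positions = _rng.sample(range(1, len(record["tags"]) + 1), count)
        record["pending"] = sorted(positions)
    return record["pending"]


def verify_subset(record: dict, digits: str) -> bool:
    """Check the digits entered for the pending challenge, in position order."""
    positions = record["pending"]
    if positions is None or record["failures"] >= MAX_FAILURES:
        return False
    ok = digits.isascii() and digits.isdigit() and len(digits) == len(positions)
    if ok:
        for pos, digit in zip(positions, digits):
            expected = record["tags"][pos - 1]
            # Every position is compared, in constant time, even after a mismatch.
            ok &= hmac.compare_digest(digit_tag(record["salt"], pos, digit), expected)
    if ok:
        record["failures"], record["pending"] = 0, None
    else:
        record["failures"] += 1
    return ok
```

With only 3 or 4 digits requested, a blind guess succeeds once in 1,000 or 10,000 attempts, so the failure counter and the long password of note 5 carry most of the weight.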
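
Notes 15 to 17 keep only hashes of email addresses, mobile numbers and recovery answers. Because such values are easy to guess and a hashed comparison is all-or-nothing, this added example (not NESTS code) salts each value, uses a slow hash and applies a canonical form first; PBKDF2-HMAC-SHA256, the iteration count, the canonical form and all function names are assumptions.

```python
import hashlib
import hmac
import secrets
import unicodedata

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor


def canonical(value: str) -> bytes:
    """Fold case, Unicode form and spacing so that equal answers hash equally.
    Assumption: addresses and answers are treated as case-insensitive."""
    text = unicodedata.normalize("NFKC", value).casefold()
    return " ".join(text.split()).encode("utf-8")


def protect(value: str) -> tuple:
    """Return (salt, digest) for storage; the value itself is not retained."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", canonical(value), salt, ITERATIONS)
    return salt, digest


def matches(value: str, stored: tuple) -> bool:
    """Re-derive the digest with the stored salt and compare in constant time."""
    salt, digest = stored
    candidate = hashlib.pbkdf2_hmac("sha256", canonical(value), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def enrol(emails: list, answers: dict) -> dict:
    """emails: one or two addresses; answers: question text -> answer."""
    return {
        "emails": [protect(e) for e in emails],
        "answers": {q: protect(a) for q, a in answers.items()},
    }


def recovery_allowed(record: dict, email: str, question: str, answer: str) -> bool:
    """True only if the address matches a stored hash and the answer to the
    question the server asked matches. Both checks run before the results are
    combined, so the caller gets one yes/no rather than which part failed."""
    email_ok = False
    for stored in record["emails"]:
        email_ok |= matches(email, stored)
    answer_ok = matches(answer, record["answers"][question])
    return email_ok and answer_ok
```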


Version 0.0.2c - 2022-06-22 12.00 - Copyright © 2022, 2021 John Waters

