devteam/Sharenet_Docs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Upload files to "/"

Browse source
This commit is contained in:
continuist 2025-08-21 14:09:18 -04:00
parent 211eb72e08
commit f9762aa36a
1 changed files with 183 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

183
post_money_economy_full.md Normal file
View file

@ -0,0 +1,183 @@
# Building a PostMoney Economic System with Your Software/Data Infrastructure
## TL;DR
Your stack—selfsovereign Passports (DIDs), signed & encrypted items, peritem RBAC, shortlived key grants, and federated discovery—already gives you everything needed to coordinate **needs, offers, capacities, and outcomes** **without money or trade**. Add four schemas (Need, Offer/Capacity, Assignment, Outcome) and a fairnessbased allocator, and you get a practical, auditable, privacypreserving economy of *use* rather than *exchange*—running comfortably on $5/mo nodes.
---
## 1) Goals & Principles
- **No money, no trade:** Allocate by **purpose and fairness**, not price.
- **Use rights, not ownership:** Access is granted via **timebound, scopebound capabilities** (Assignments).
- **Privacy by default:** Share only minimal metadata for discovery; keep details encrypted until authorized.
- **Local autonomy + federation:** Each node sets policy and chooses peers; coordination emerges from consented links.
- **Auditability without surveillance:** Everything is **signed**; access is **keygated**; changes are traceable with lightweight logs.
---
## 2) Mapping Your Infrastructure to a PostMoney Economy
| Your capability | Economic role |
|---|---|
| **Passports (DIDs)** for users & nodes | Stable identity for rights & duties; no email/finance required |
| **Categories & Items** (JSONSchema) | Typed records for **Needs**, **Offers/Capacity**, **Assignments**, **Outcomes** |
| **Zanzibarstyle RBAC + caveats** | Rules for who may **request, view, allocate, steward** |
| **Encryption + shortlived key grants** | Only authorized parties can actually **use** a resource |
| **Federation + authority pointers** | Crossnode discovery with **sourceoftruth** checks |
| **Projections** (audiencespecific fields) | Searchable summaries without leaking secrets |
| **Signed events & tombstones** | Tamperevident lifecycle, revocation, and cleanup |
---
## 3) Core Schemas (minimal set)
### 3.1 Need
A request for access or assistance.
```json
{
"title": "Laptop for coursework",
"summary": "2 weeks for class project",
"category": "need.device@v1",
"window": {"from": "2025-09-01", "to": "2025-09-15"},
"constraints": {"os": "linux-ok", "battery": ">3h"},
"priority": "normal|urgent",
"visibility": "public|node|group|direct",
"discoverable": true
}
```
### 3.2 Offer / Capacity
Availability of resources, skills, time, or space.
```json
{
"title": "3 laptops available",
"category": "offer.device@v1",
"units": 3,
"requirements": {"purpose": "study", "careAgreement": true},
"window": {"from": "2025-09-01", "to": "2025-12-31"},
"visibility": "node|group|public",
"discoverable": true
}
```
### 3.3 Assignment (Use Permit)
The nontransferable grant that authorizes use.
```json
{
"category": "assignment@v1",
"needId": "…",
"offerId": "…",
"assignee": "did:key:…",
"resourceRef": {"itemId": "…", "version": 2},
"window": {"from": "…", "to": "…"},
"conditions": {"careAgreement": true},
"status": "active|completed|revoked"
}
```
### 3.4 Outcome
What happened afterward (learning & accountability).
```json
{
"category": "outcome@v1",
"assignmentId": "…",
"result": "completed|partial|failed",
"notes": "Returned in good condition.",
"maintenance": {"needed": false}
}
```
> All records are **signed** by the issuers Passport. Private fields (e.g., lock codes, credentials) live only in the **encrypted payload**, released via a key grant when authorized.
---
## 4) Lifecycle Without Prices
1. **Publish Needs & Offers**
People create **Needs**; groups publish **Offers/Capacity**. Nodes federate only **projection fields** (title, tags, short summary, timestamps)—never secrets.
2. **Discover & Match**
Members search locally and across peers for items their node may see. Matching can be manual (stewards) or automated (policy engine).
3. **Allocate (Fairness, not markets)**
The **allocator** (policy + algorithm) chooses which Needs get which Offers and emits **Assignments**. Example policies: **maxmin fairness**, **roundrobin**, **weighted lottery**, **needsbased priority**, **quotas/cooldowns**.
4. **Access (KeyGated)**
When an Assignment is active, the assignee requests a **shortlived key grant**. The node checks RBAC and returns a sealed DEK, enabling the client to decrypt resource details.
5. **Use → Return → Outcome**
During the window, the user can decrypt and use the resource. On completion, they (or stewards) record an **Outcome** and any maintenance needed.
6. **Revocation / Change**
If circumstances change, rotate keys and update RBAC; future access stops immediately. Public→private flips rekey the item and remove it from public indices.
---
## 5) Federation Without Markets
- **Authority pointer**: every shared item carries a signed pointer to the **authority node** (and ACL revision).
- **Remote search**: ask peers to search on your nodes behalf, returning **stubs** your node can show.
- **Mirrored indices** (optional): peers export signed, projectiononly docs for items visible to your node; you index locally for lowlatency search.
- **On open**: your node still requests a **Key Grant** from the authority; unauthorized users learn nothing.
---
## 6) Governance & Fairness (policy, not payment)
- **Roles**: requester, steward/maintainer, allocator (human/automated), auditor.
- **Policy examples (Cedar/OPA)**:
- Eligibility & visibility (who may request/offer)
- Fairness (caps per person, priority cohorts, coolingoff periods)
- Stewardship (return checks, maintenance duties)
- Conflicts (deterministic tiebreak, seeded randomness)
- **Transparency**: publish anonymous queue stats and policy versions; keep **signed** Assignment/Outcome logs (history, not currency).
---
## 7) Privacy & Safety
- **Least disclosure** via projections: search works without exposing secrets.
- **Encryptedatrest** for all items; only **shortlived** key grants unlock details.
- **Revocation** with perversion keys; deny new grants after policy changes.
- **Auditability** with signatures, versioning, and tombstones.
---
## 8) Example Scenarios
- **Tool Library** — Needs (jobs), Offers (tools), Assignments (time slots), Outcomes (condition). Allocation: roundrobin + urgentrepair priority; access via smartlock codes delivered as encrypted secrets.
- **Community Transport** — Needs (rides), Offers (drivers/vehicles), Assignments (routes). Allocation: maxmin fairness + safety checks; keys unlock carshare boxes.
- **Compute Commons** — Needs (GPU hours), Offers (capacity windows), Assignments (job permits). Allocation: fairshare scheduler; credentials delivered via key grant.
- **Space Sharing** — Needs (meeting room), Offers (rooms), Assignments (bookings). Allocation: quotas/cooldowns; door codes disclosed only to assignees.
- **Childcare Network** — Needs (time slots), Offers (care capacity), Assignments (sessions). Allocation: vetted caregivers + weighted lottery for prime times.
---
## 9) Minimal MVP (12 sprints)
1. **Schemas**: Need, Offer/Capacity, Assignment, Outcome (+ projections).
2. **Allocator v1**: weighted lottery with quotas per person/node.
3. **Assignment→Access glue**: issuing an Assignment mints RBAC + key grant; on end, revoke.
4. **Search**: local + remotepeer search on projection fields.
5. **Federation**: signed inbox/outbox; authority pointers; keygrant endpoint.
---
## 10) Success Metrics (not pricebased)
- **Fill rate of Needs** (per category, timetoassignment).
- **Fairness indicators** (variance in access; maxmin score).
- **Stewardship health** (ontime returns, maintenance backlog).
- **Privacy incidents** (zero leakage beyond projections).
- **Utilization** (capacity used vs available; bottlenecks identified).
---
## 11) Why This Works on $5 Nodes
- Single Rust binary with **SQLite (WAL)** and **Tantivy**; inprocess RBAC; mTLS/onion.
- Crypto (Ed25519/X25519/XChaCha20) is **lightweight**; key grants are **tiny**.
- Mirrored indices use **projectiononly** fields to stay small and fast.
---
### OneSentence Summary
With signed identities, encrypted items, finegrained permissions, federated discovery, and fairnessbased allocation, your system provides the building blocks for a **coordinated, auditable, privacypreserving economy of *use*—no prices or trade required.**