►
A
B
A
A
A
A
C
C
C
A
A
A
A
A
A
A
So
what's
your
attack
surface?
Well,
it's
I
mean,
however,
however
many
times
you're
going
to
load
that
private
key
right
is
sort
of
you
know,
that's
the
those
are
the
times
when
your
attack
surface
is
active
or
maybe
where
you
have
to
store
it
right.
So
anytime,
you
have
to
do
do
something
with
this
key.
You
know
you've
increased
your
attack
surface
so
and
if
we
were
suggesting
that
we
were
also
going
to
so
we're
going
to
use
the
top
to
github
and
we're
going
to
use
it
to
do
you
know
remote
execution.
A
So
basically,
if
you,
you
know,
maybe
left
your
if
you
left
this
thing
on
disk
as
a
as
a
ssh
private
key
and
you
didn't
set
a
password
on
it,
then
all
of
a
sudden
you
know
now
you
have
access
to
everything
on
your
web
3d
id
right.
So
that
is
not
not
a
good
way
to
go
and
very
obvious
when
you
talk
it
all
through
so
because
that
would
be
very
bad
right,
so
we're
gonna
we're
gonna
we're
gonna,
properly
segment.
C
A
A
A
Root
right,
so
we're
gonna
have
one
one
key:
now
that's
the
distinct
root
and
only
used
for
that
root
operation
right.
So
we
only
pull
this
key
out.
We
only
pull
this
key
out
when
we're
doing
something
important
right,
we're
not
seeing
we're
not
sitting
around
and
pulling
this
key
out
all
the
time
right
and,
and
actually
we're
gonna
add
you
know
just
just
to
to
to
developer.
A
A
A
A
Let's
see
so
god
damn
it
now,
I
got
all
over
the
place
so
when
they
do
that
they're
going
to
basically
they're
waiting
for
jobs
but
they're
waiting
to
see
if
they
want
to
bid
on
a
job
and
so
they're
the
the
strategic
plans
are
basically
like
putting
out
these
jobs
they're,
putting
out
these
jobs,
these
system
contacts
right,
they're,
saying:
hey
I'd
like
a
I
thought
about
this.
Just
you
know,
here's
fyi
add
these
to
your
data
sets.
A
If
you
wish
right-
and
you
can
query
them
to
see
hey,
you
know,
I
need
some
of
your
memory
right.
Can
you
send
me
some
data
sets
that
you,
you
logged
that
were
about
these
properties
right?
Can
you
go
query?
Your
graph
of
your
you
know,
past
executed
or
theorized
system
context
right,
and
can
you
send
me
those
because
I
have
a
problem
I'm
working
on
and
it
requires
that
background
knowledge?
So
you
know
what
what
all
is
the
information
that
you
know
so
that
I
can
start.
A
That,
let's
see
so
that
basically
can
receive.
Basically,
whenever
an
operation
is
executed,
you
can
throw
the
prioritizer
on
the
front
end
as
a
overlay,
so
you
can
basically
apply
an
overlay
across
the
board.
You
can
sort
of
say
here's
a
you.
You
would
basically
say:
there's
a
default
overlay
and
when
you
you
have
the
ability
to
set
the
default
overlay
via
an
environment
variable
or
a
config
flag,
but
it
must
be
said
explicitly.
You
can't
not
set
it
explicitly.
A
You
know
you
should
export
it
in
viron
or
whatever.
If
you,
if
you
want
to
do
it,
but
it
has
to
be
visible
somewhere,
that's
not
on
disk
right,
that's
not,
or
at
least
you
know,
if
it's
cli
flag
environment
would
be.
You
know,
like
a
12,
you
know
a
12
12
factor
app
so
but
basically
yeah.
So,
let's
see
okay.
A
Yeah
all
right:
okay,
let's
refocus
I'm
getting
off,
I'm
gonna,
I'm
just
explaining
too
much
stuff.
It's
in
the
thread.
It's
in
the
thread.
I
don't
need
to
explain
it
right
now.
I
need
to
do
the
the
work
right
now,
because
I'm
getting
I'm
getting
thrown
in
all
sorts
of
directions
here,
all
right,
so
developer,
tooling,
root.
A
So
we're
gonna,
basically
post
something
up
there
right
and
what
we're
going
to
post
we're
going
to
post
a
public
key,
but
we
could
post
whatever
we
wanted,
we're
just
going
to
post
a
public
key
because
it's
easy
and
we
can
check
very
easily
by
querying
the
you
know
the
github
id
of
the
the
person.
So
if
they
say
hey,
you
know
I'm
this
github
id
and
here's
a
public
key.
That's
in
there,
then
all
right
great!
A
A
You
know,
here's
all
the
things
I
can
offer
and
here's
proof
that
I
can
offer
them.
You
know
these
levels
of
assurances
any
review
systems
and
stuff
gathered
all
with
russo
trust
back
to
whoever
said
hey.
These
are
the
things
that
I
trust
you
have
to
make
sure
that
whatever
your
data
is
coming
from,
proving
that
you
can
do
this
job
is
being
signed
by
somebody
in
this
group.
Right
is
org
or
these
keys
that
and
and
you're
adding
in
the
models,
because
the
models
are
what
allow
this
to
operate.
A
You
know
like
in
a
generic
sense
because
they
can
just
sort
of
you
know:
you're
training
them
to
the
point
where
they
know
your
general
desire,
so
they
can
be
out
there
like
doing
things
for
you
and
you
know
acting
in
variable
environments,
but
you
could
also
you
know
program
it
to
be
very
specific
logic
gates
if
you
wanted
to
right,
but
that's
where
sort
of
the
models
fit
in
is
that?
Okay,
you
know
I'm
this
percent
sure
right.
So
what
is
the
risk
of
executing
this
thing?
A
And
if
you're
like
me,
it's
within
my
risk
tolerance.
You
know,
for
whatever
the
reward
is
go
for
it
right,
just
hit,
execute
on
it
and
you
know,
then
you,
basically
you
know
if
you're
doing
like
remote
execution,
you
notice
that
your
something
else
says
you
know
your
one
of
your
boxes
got
popped.
Then
you
know
you,
you
shut
it
down.
You
turn
it
off.
You
reboot
it
whatever
you
know
acceptable
losses.
You
you
factor
that
into
the
risk
is
like
the
uptime
loss
on
rebooting,
the
vm.
A
Yeah
so
and
and
yeah,
so
you
can
basically
make
this
like
peer-to-peer
distributed
server
backend,
where
people
can
run
each
other's
code,
because
you
can
define
your
code
as
a
data
flow
and
then
you
can
define
what
implementations
you
trust,
and
so
you
can
trust
the
orchestrator
and
you
can
trust
the
implementations
and
then,
if
they
provide
the
attestation
information,
then
you
can
trust
that
they
are
going
to
do
it
correctly
right.
But
if
it's
something
you
know,
that's
just
like
hey,
you
know
scrape
the
weather
for
me
right.
I
don't
really.
A
A
I
like
it's,
not
the
end
of
the
world,
so
I
don't
really
care
if
there's
at
the
station
information
with
the
weather
every
day
right,
and
so
you
can
put
that
into
the
contract
that
says:
hey.
You
know,
I'd
like
somebody
to
go,
run
a
bot
right
on
their
server.
That's
just
sitting
there.
That's
got
idle
time
and
you
know
that
checks
the
weather
for
me
right
and
so
the
person
on
the
server
says:
okay,
hey.
A
I
can
run
this
series
of
operations
right
from
these
sources
that
we
both
trust
and
they
agree.
Okay.
Yes,
this
is
the
specific
implementation
of
those
operations
that
you're
going
to
be
using.
These
are
the
specific
assurances
that
you
can
provide
me
that
you're
running
them
to
the
specifications
that
I
say-
and
this
is
the
reward
that
I'm
going
to
provide
you
for
doing
that
right
and
then
you
can
set
these.
A
A
A
A
C
A
C
A
A
C
A
We're
gonna,
have
you
know
one
operation.
If
we
want
to
develop
a
chain
of
trust,
we
would
have
one
operation
take.
You
know
the
key
that
it
needs
to
sign
it
right
and
then
produce
the
next
thing,
and
so
we
we
end
up
with
this
data
flow
which
re-rolls
all
the
keys,
so
so
yeah
so
we'll
end
up
with
the
data
flow
that
rerolls
all
the
keys
and
to
do
that,
let's
see
so
if
we
end
up
with
the
data
flow
that
rerolls
all
the
keys,
the
dids
that
get
created.
A
A
A
So
what
if
we
wanted
to
write
a
data
flow
for
this
whole
thing?
And
how
do
we
know?
How
do
we
know?
Okay,
so
we
want
to
write
a
data
flow
yeah.
So,
let's
approach
this
from
a
different
angle,
we
want
to
write
a
data
flow
from
row
key
and
let's
leave
the
file
out.
Let's
leave
the
file,
so
ephemeral,
ssh,
key
user
signing
credential
yeah.
Let's
leave
the
file
out
of
this.
For
now,
let's
leave
the
file
out
yeah,
okay,
so
file.
A
A
A
A
C
A
And
we
will
put
the
did
message
stuff
in
it.
We
will
put
the
did
message
stuff
in
it,
so
we're
going
to
write
the
flow
for
this
file
sharing
thing
over
http
we
are
going
to
so.
Basically,
this
says
this
is
alice,
says,
send
this
file
to,
or
we
say,
alice,
send
this
file
to
bob
and
what
does
alice?
Do
that's
what
we're
going
to
draw
here.
A
So
this
is
the
implementation
knows
how
to
talk
to
the
orchestrator
in
some
way
on
this
api
level
right
and
so
there's
this
tight
integration.
There
yeah,
I
know
so
to
talk
to
input
network,
an
api
level
yeah,
so
there's
a
tight
integration
there
and
we
need
to
manage
that
tight
integration.
Somehow,
because
we
want
that
type
of
api
to
be
visible,
you
know
you
want.
A
A
A
A
Oh
yeah,
I'm
really
excited
about
those
nfts.
Is
our
distributed?
Locking
mechanism
problem
solved
fantastic?
That
was
a
tough
nut
to
crack.
I
had
no
idea
how
we're
gonna
solve
that
one.
This
solves
it
right
for
us,
okay,
so
let's
go
look
at
the
god.
This
is
terrible
in
here.
These
are
going
to
be
great
data
flows.
A
Okay,
so
that's!
Okay,
so
and
memory
memory,
net,
input,
network,
context.
Okay,
so
we
want
to
look
at
operation
implementation
yeah.
We
want
to
look
at
memory,
operation
implementation
network
and
we
need
to
make
sure
that
we
go
back.
Here's
a
to
do
item.
We
need
to
make
sure
that
we
go
back
and
we
re
double
check.
I
mean
we're.
A
A
A
A
A
Can
be
like
what
operations
can
take,
wait,
yeah?
What
operations
can
take,
what
what
inputs?
Oh,
no
yeah,
what
inputs
and
the
way
that
we
would
do
that
is
we
want
to
we
check
if
the
system
context
is
valid
by
checking
the
the
allowance,
so
in
the
allow
list
is
on
the
operation
level
where's
my
notes,
they're
on
my
phone.
A
A
Allow
that's
required,
of
which
inputs
come
from
which
sources
to
be
valid,
validate
in
terms
of
data
structure,
spec
change
of
choice
just
become
valid
to
return
true,
or
else
known
operations
for
validating
providence
chain
identity.
Aware
context
means
the
prioritizer
is
checking
the
identity
to
see
if
the
audit
is
still
valid
to
schedule.
The
next
tick
of
the
context
on
for
that
op.
A
For
that
context,
okay,
worldly
maps
for
web3
and
edge
altimeter
major
dependencies,
oh
yeah,
so
we
want
to
do
when
we're
doing
analysis
of
strategic
plans
when
the
prioritizer
is
doing
analysis
of
strategic
plans,
it
should
look
across
the
network
and
judge
the
relative
scarcity
of
commodities
and
then
or
judge
the
relative
scarcity
of
digital
assets
and
come
to
a
determination
of
effectively
come
to
a
relative
scarcity
is
a
part
of
the
equation,
but
co
effectively
come
to
the
determination
about
you
know.
What
is
this
state
is.
A
Is
it
something
that
we
can
assume
is
a
commodity
sort
of
in
terms
of
like
investment
in
trains
of
thought
right?
So
you
want
to
predict
out
there.
You
want
to
use
that
data
that
you're
grabbing
from
the
network,
and
you
want
to
predict
out
there
and
you
want
to
say
you
know
what
is
what
are
these
things
that
I
see
becoming
a
commodity
to
where?
A
Maybe
we
just
think
about
this
a
little
bit
more
and
then
we
execute
later
right
and
and
basically
you
know
having
a
strategic
plan
that
sits
there
and
thinks
about
that
type
of
thing
right
and
is
evaluating
other
system
contacts
that
get
presented
and
says
you
know
I'm
not
ready
to
to
bid
on
that
one.
Yet
right,
I
think
you
know
maybe
later.
C
A
So
how
do
we
get
to
this
thing
that
we
wanted
to
show?
Well,
what
do
we
want
to
show
what
we
want
to
show?
Our
next
immediate
goal
is
to
show
cbe
been
tool
running
across
multiple
machines,
where
we're
sharing
the
mirror
and
we're
going
to
spin
up
cve
bend
tool
as
an
operation
and
we're
going
to
use
cv
event
tool
as
an
operation
to
scan
a
directory,
and
when
we
do
that,
we're
going
to
do
it
in
a
distributed
fashion.
A
Let's
see,
yeah
we're
going
to
be
issuing
these
contracts
with
tbdx
and
then
we're
going
to
you
know,
do
the
bid
process
and
and
the
and
the
contracts
that
we
issue
are
going
to
be
these.
You
know,
system
context
and
the
system,
contratex
is
just
an
invocation
of
cbe
been
tool.
You
know,
given
a
particular
input
source
right
and
that
input
source
is
going
to
be.
You
know,
provided
by
a
data
flow
like
or
an
operation
right,
so
it
would
be.
A
You
know,
provide
input
to
cv
event
tool
right,
so,
in
cv
event
tool
takes.
You
know
a
directory,
for
example
right,
so
we
better
feed
a
directory
into
cv,
bend
tool
and
so
whatever
flow
that
we
put
in
front
of
that
to
produce
a
directory
right.
So
be
it,
but
we
better
give
it
a
directory
right,
and
so
then,
that
directory.
C
A
A
A
A
A
C
A
Okay,
ask
okay,
so
why
is
there
only
one
currency,
okay,
so
we're
just
going
to
put
source
currency
data
type
string,
source
amount?
Okay,
so
we'll
say
this
is
manifest.
So
we'll
say:
hey
you
know
I
I
have
you
know
you
can
put
up
you.
Basically,
you
put
out
these
every
time
a
system
context
is
put
into
the
network
because
the
input
network
generates
a
did
for
each
input.
A
Then
there's
going
to
be
a
system
context
with
a
d
id
on
it
right
and
we
can
have
different
flows
that
hook
onto
the
front
of
that
that
say:
hey
you
know
if
it's
a
system
context
with
the
you
know,
basically
link
it
via
the
lineage
for
this
execution.
So
each
execution
is
a
system
of
context
and
when
it
gets
picked
up
and
executed,
you
create
a
new
system
context.
You
link
to
the
old
one
and
at
the
point,
when
you
link
to
the
old
one.
Basically
so
do
they
have
a
diagram?
A
C
A
C
B
C
A
A
A
C
A
C
A
Target
currency,
usdc,
okay,
so
source
currency,
blank
target
source
amount,
blank
target
currency,
blank
okay.
So
what
do
we
want
to?
Do?
We
don't
care
about
money,
so
we
we
don't
care
about
money,
so
we
care
about
source
currency
as
a
did
for
the
thing
that
we
want
to
buy
and
then
source
amount
blank
and
then
target
currency.
A
C
A
A
A
A
A
A
A
Message:
authentication,
encryption,
synchron,
okay,
so
this
is
you
know
this
is
basically
we're
sharing
we're
sharing
we're
in
the
sharing
mode,
so
our
implementation
or
our
input
network
has
been
instantiated
with
parameters
that
says
it's
going
to.
You
know
not
sign
for
when,
when
messages
are
going
to
these
parties-
and
it's
going
to
you
know-
have
operations
which
are
sending
inputs
to
two
chains
over
different
transport
protocols
right
so,
okay,
so.
A
A
A
A
A
A
A
A
A
C
A
Protocol
itself
does
not
rely
on
a
federation
to
control
permission
or
access
to
the
network.
There's
no
governance,
token,
it
is
most
in
its
most
abstract
form.
It
is
an
accentual
messaging
protocol
with
the
ability
to
form
distributed
trust
relationships
as
a
court
design
facet.
The
protocol
itself
is
no
opinion.
What
the
osmo
trust
relationship
between
an
individual
wallet
and
a
participating
financial
institution
should
look
like
nature
of
the
trust
relationship
will
never
be
universal.
Different
jurisdictions
are
subject
to
different
lessons.
Okay,.
A
To
the
id
document
submit
a
data
file
that
contains
two
primary
data
elements
could
traffic
material
that
the
id
owner
can
use
to
prove
control
over
an
associated
d,
id
routing
endpoints
for
locations
to
really
contact
identity,
hub
personal
data
storage
and
relay
did
methods,
maybe
for
very
different
ways.
System
must
be
open
public
and
permissionness.
A
Verified,
okay,
so
yeah,
so
this
is
basically
this
is
saying
these
are
the
exemplar
methods.
Okay,
so
if
you
implement
a
method,
this
is
the
things
you
should
strive
for
right.
So
we're
saying
that
every
operation
could
be
a
method
right
so
and
then
you
know
we're
going
to
try
to
add
in
some
extra
stuff
on
top,
like
you
know,
collecting
the
work,
the
provenance
information
for
us
to
enable
some
of
these
things
right.
We
can't
do
everything
for
the
implementation,
but
we
can
try
to
do
some
sitting
on
top,
probably
yeah.
C
A
Be
required
to
first
onboard
through
a
separate,
centralized
exchange
to
produce
crypto
assets
with
payment
instruments
before
transferring
those
crypto
assets
back
into
the
wallets
individuals.
Organizations
could
leverage
the
put
okay.
So
basically,
this
allows
you
to
say
hey.
You
know.
I
trust
that
you
change
the
money
elsewhere.
A
Right
protocol
enables
us
to
provide
a
streamlined
customer
experience
with
direct
on
and
off
ramps
between
the
traditional
and
decentralized
financial
worlds.
This
means
customers
can
use
custom
shelf
custody
wallets
without
having
to
give
up
convenience
exchange
for
security
or
self-hosted
options.
A
A
A
A
I
can
change
you
know
this
unexecuted
manifest
into
this
executed,
manifest
it's.
What
we're
gonna
say
right,
so
ask
to
change
unexecuted
manifest
into
executed,
manifest
bid,
change,
executed,
manifest
or
change.
Unexecuted
brain
or
that's,
that's.
Okay!
All
right
I
have
to.
I
have
to
pee
I'll,
be
back
and
I
think
we're
gonna
use.
Yeah.
Okay,.