WIP: "Become an Anchor" guide redux

[Mr0grog]

This isn’t even sort of done yet, but I want to get it in public so @jedmccaleb / @bartekn / @nullstyle can take a basic look at whether I'm doing things right with the various prebuilt servers and @mozzadrella can start to gut-check me on direction.

Unlike the old guide, this:

• Covers topics of federation and compliance
• Uses the pre-built federation server, compliance server, and bridge server
• Has diagrams :)

[jedmccaleb]

For these diagrams, can we change it to "Your FI" instead of "Your Bank" or "Your Financial Institution" or maybe just "Your Infrastructure"

[Mr0grog]

@jedmccaleb, yeah, definitely. The diagrams may need some general revision anyway; I was trying to get a) a condensed version of the bigger diagram so you could actually see it all at once and b) show how it works with/without various addons like federation and compliance.

Probably not "FI" (I think that abbreviation is problematic; it seemed to be when I asked people about the old doc, which also used it). Will have to think about whether "financial institution" or "infrastructure" is better.

[Mr0grog]

Also, organizationally: do we want/need a better structure for where images go, filesystem-wise?

[jedmccaleb]

you mean like docs/images or something?
I think I like "infrastructure" best. If they are considering doing this then they know they are a financial institution.

[bartekn]

When it comes to diagrams I'd add a background layer for Your/Other FI. Right now, it's not clear where each part of the system belongs.

[Mr0grog]

you mean like docs/images or something?

Yeah. Is it ok that the images are just free-floating in the guides directory right now, or should they be grouped into a directory? (probably with the same name as the guide)

Relatedly, I can put the sketch files in dropbox, but should they also live in the repo? Seems like that would make sense.

I think I like "infrastructure" best.

What about “your systems?” (“infrastructure” is good, too, just slightly more jargon-y.)

When it comes to diagrams I'd add a background layer for Your/Other FI.

Yeah, that's probably a good idea.

[jedmccaleb]

Seems better to have the images in a separate dir but I don't feel strongly about it. Also don't feel strongly about sketch in the repo or not. Probably better to have it be here.
"your systems" is ok seems less clear than "infrastructure" though.

[Mr0grog]

Ok, basic first draft of all the parts, fully working. Needs cleanup:

• This is way too long. Needs to be split up into
  1. Architecture/overview
  2. Bridge
  3. Federation
  4. Compliance
  5. Next steps.
• Intro should be beefed up with a full diagram and overview of how the parts fit together. I originally wanted to introduce things step-by-step, but in hindsight, I think I need to give a better big picture overview first, especially now that it has gotten so long.
• Diagram cleanup (maybe w/ help from Romina)
• Need some explanation around domains, SSL, and how to get it running locally-ish. @nullstyle do you think your non-SSL mode support will land soon-ish? Should I just write the guide pretending they can do that in a test situation?
• Need to clean up language/details around database stuff. In the current release, only MySQL (or MariaDB) works, but I know you’re fixing Postgres, @nullstyle. Should I assume that will ship before this guide and just write it as if that works?
• Need Java examples (and some JS ones are missing, too)
• Integration testing:
  • I had been trying to avoid telling people to just send a payment to themselves (e.g. from amy*your-org.com to bob*your-org.com), but I guess that actually works and does exercise the full flow. Should I just do that? Otherwise…
  • It might be useful or helpful to ship a dummy server that does federation & compliance for any address, so you can send a payment through your bridge + compliance setup to it. Otherwise, it seems a little rough to say “just duplicate your whole infrastructure so you have something to transact against” :\
  • UPDATE: I went with suggesting that people send a payment to themselves so this didn’t seem obscenely complicated to a reader. (4da981b)
• Next steps: what else should be there besides the security doc and running core? Channels? /@jedmccaleb @bartekn @nullstyle

[jedmccaleb]

Looks great. are things like "[^friendly_names]" placeholders?
nm I see they are foot notes. Do these work in the dev portal?

[Mr0grog]

@jedmccaleb what exactly is the right context for AML vs. KYC?

[jedmccaleb]

KYC is a more thorough process that a bank will go through when someone is creating a bank account with them. When they are sending a payment they just need enough info on the recipient to do the AML check to make sure the recipient isn't on some sanction list. Since people already have accounts in these scenarios, we are just dealing with AML.

[Mr0grog]

Ah, gotcha. I had thought KYC referred to exchanging the information as well, not just initially gathering it. Will keep that in mind!

[Mr0grog]

are things like "[^friendly_names]" placeholders?

Those are named footnote links. So you can footnotes like [^1] or like [^topic_here]. I like the latter more since you don’t have to re-number everything if you insert a new one higher up in the document (they also provide a little clue about the subject of the note).

[Mr0grog]

The above splits the anchor guide into a 5 page group, kind of like the get started guide. I also added support in the build scripts for metadata named section in the frontmatter as seen here: f2cc40d#diff-d90ab5683bfaab7c60803d1fd7dcd389R3 that automatically builds the previous/next links like the ones on the get started guide.

Not sure if that’s desirable (it kind of obscures the links when reading straight markdown or in github). Any thoughts on it?

[bartekn]

Rewrote Java examples as requested in 0689e88.

[Mr0grog]

Ok, I think this is mostly done save for:

• A last pass of work on improving the diagrams
  • Have talked with Romina about getting some input on improving the appearance and clarifying the arrangement and ordering of things.
  • Make sure they are appropriately sized, compressed, maybe multiple versions (SVG and PNG)
• Need sidebar support in developers repo
• Need next/back links (going to see about autogenerating these in developers repo)

But otherwise, I think this is pretty much there, excepting any further feedback anyone’s got. Please let me and Romina both know if you think there are technical inaccuracies in the diagrams, too. /cc @jedmccaleb @nullstyle @bartekn

[Mr0grog]

Side note about autogenerating back/next links: just realized this might not actually be desirable given that we want these to be reasonably browsable on Github. Thoughts? (Update: have added the links to the docs instead of autogenerating)

Also! This references the security guide (#149) in the next steps section. That PR isn’t ready to land yet, so we either need to finish it (it’s waiting for feedback from other people) or pull it from next steps here. (Update: security guide has since landed.)

[bartekn]

Looks great! 👍

[bartekn]

SIGNING_KEY is used to sign Auth Request (sig param) so receiving organization can check whether it was really sent by the sender organization.
There will be also ENCRYPTION_KEY in stellar.toml file but we haven't decided on the format yet.

[Mr0grog]

@bartekn Ah! I admit to not having inspected data on the wire to see if this was additionally used for encryption. D’oh! How about:

SIGNING_KEY is the public key that matches the secret seed specified for signing_seed in your compliance server’s configuration. Other organizations will use it to verify that messages were actually sent by you.

[bartekn]

Sounds good!

[Mr0grog]

✅ DONE!

[Mr0grog]

Added the back/next links to the docs. Needs stellar-deprecated/developers#84 for nicer styling.

That just leaves improved diagrams from Romina, I think.

[jedmccaleb]

Nice work Rob!