You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello all, we started building Webb CLI Tools, an easy to use, fast, secure, and privacy-focused way to interact with Webb!
So, I wanted to share with you some goals and ideas we aim for now, and this a discussion so feel free to comment here and add more ideas!
But, the first thing worth mentioning here, this CLI is by no way to replace our Web UI (dApp), in fact, it is built to be compatible with each other, for example, you can do a Mixer "Dopesit" using the CLI and then later export it and do a Mixer "Withdraw" on the Web UI using the exported "Note" (Proof).
With that out of the way, let's share some goals and ideas!
Easy to Use 🐤
CLIs tend to be easy to use, one command, and hit enter and you are good to go!
Webb CLI is no exception, in top of that we try our best to make it obvious, and misuse-resistant, don't make the user think! the commands should be self-explaining and be helpful as possible.
Here are some examples:
$ webb mixer deposit --group 1
if the user omitted the --group option, the CLI then would prompt them to chose one of the available Mixer Groups!
$ webb account genrate --alias shekohex
here we did a common mistake, but the CLI should give you a helpful error message like so:
error: The subcommand 'genrate' wasn't recognized
Did you mean 'generate'?
If you believe you received this message in error, try re-running with 'webb account -- genrate'
USAGE:
webb account <SUBCOMMAND>
For more information try --help
Fast ⚡
Well, we will not talk about this too much, it is built in Rust, very fast, and small works everywhere.
Next!
Secure 🔒
Webb CLI uses a local Key-Value Store, sled! it is easy to use, fast, and durable.
but, sled is not encrypted by default! so we have to think more about this, currently what I have in my mind is to build a thin wrapper around sled where we do Encryption whenever we write data to the database and decrypt that whenever we need to read from it.
The result would be a fully encrypted and secure data store, that would contain the user's accounts, generated secret proofs/notes, and anything else!
Misuse-resistant 🚫
Users do mistakes and sometimes misuse the tools, we should avoid this, or at least make it so obvious to the user that you really doing something wrong!
One of these things is easy passwords! or the common one, we should prevent the users from using easy passwords, and enforce using stronger ones.
Also, we should prevent the users from passing the passwords as an option to the command line, this so dangerous
but, we should not make it very hard, instead, we will provide a global flag called --unsafe, and if this flag is enabled (which is not enabled by default) the user can pass the password as an option, that may be helpful for testing, but again this an opt-in and you will see a big warning about that you are using unsafe option!
Privacy 🕵️
Webb is built from the ground up to be privacy-focused, it is in Webb DNA so that we follow the same way in the CLI.
it will show you your Real IP whenever you do an operation that accesses the internet, like doing a Mixer deposit/withdrawal.
Nonetheless, it could also provide an option to use an Onion Routing Network, like TOR, to hide your real identity when trying to do anything.
Final thought.
I'm pretty excited for Webb, and very happy with what we are building here, and I think there is a lot of ideas to be added here too, feel free to suggest whatever you think would be useful to add!
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello all, we started building Webb CLI Tools, an easy to use, fast, secure, and privacy-focused way to interact with Webb!
So, I wanted to share with you some goals and ideas we aim for now, and this a discussion so feel free to comment here and add more ideas!
But, the first thing worth mentioning here, this CLI is by no way to replace our Web UI (dApp), in fact, it is built to be compatible with each other, for example, you can do a Mixer "Dopesit" using the CLI and then later export it and do a Mixer "Withdraw" on the Web UI using the exported "Note" (Proof).
With that out of the way, let's share some goals and ideas!
Easy to Use 🐤
CLIs tend to be easy to use, one command, and hit enter and you are good to go!
Webb CLI is no exception, in top of that we try our best to make it obvious, and misuse-resistant, don't make the user think! the commands should be self-explaining and be helpful as possible.
Here are some examples:
if the user omitted the
--groupoption, the CLI then would prompt them to chose one of the available Mixer Groups!here we did a common mistake, but the CLI should give you a helpful error message like so:
Fast ⚡
Well, we will not talk about this too much, it is built in Rust, very fast, and small works everywhere.
Next!
Secure 🔒
Webb CLI uses a local Key-Value Store,
sled! it is easy to use, fast, and durable.but, sled is not encrypted by default! so we have to think more about this, currently what I have in my mind is to build a thin wrapper around
sledwhere we do Encryption whenever we write data to the database and decrypt that whenever we need to read from it.The result would be a fully encrypted and secure data store, that would contain the user's accounts, generated secret proofs/notes, and anything else!
Misuse-resistant 🚫
Users do mistakes and sometimes misuse the tools, we should avoid this, or at least make it so obvious to the user that you really doing something wrong!
One of these things is easy passwords! or the common one, we should prevent the users from using easy passwords, and enforce using stronger ones.
Also, we should prevent the users from passing the passwords as an option to the command line, this so dangerous
but, we should not make it very hard, instead, we will provide a global flag called
--unsafe, and if this flag is enabled (which is not enabled by default) the user can pass the password as an option, that may be helpful for testing, but again this an opt-in and you will see a big warning about that you are usingunsafeoption!Privacy 🕵️
Webb is built from the ground up to be privacy-focused, it is in Webb DNA so that we follow the same way in the CLI.
it will show you your Real IP whenever you do an operation that accesses the internet, like doing a Mixer deposit/withdrawal.
Nonetheless, it could also provide an option to use an Onion Routing Network, like TOR, to hide your real identity when trying to do anything.
Final thought.
I'm pretty excited for Webb, and very happy with what we are building here, and I think there is a lot of ideas to be added here too, feel free to suggest whatever you think would be useful to add!
Beta Was this translation helpful? Give feedback.
All reactions