Question about radicle project ownership

Hello,

I've just discovered radicle and considered using it for a project I'd like to start (I am aware that it is still experimental but I'd be willing to try it). However, after reading your website, I still have a question about how project ownership is handled by radicle or, more specifically, if I need access to the computer on which the project was initialized to be considered maintainer. I work on different computers and would like to be considered maintainer on all of them. Is this possible? My first guess would be to use copy the key file on all of those machines but the documentation didn't really explain what exactly they sign.

Thank you for your time,
David Passens

Hi David,

Hello,

I've just discovered radicle and considered using it for a project I'd
like to start (I am aware that it is still experimental but I'd be
willing to try it). However, after reading your website, I still have
a question about how project ownership is handled by radicle or, more
specifically, if I need access to the computer on which the project
was initialized to be considered maintainer.

The short answer is that for now, unfortunately yes.

I work on different
computers and would like to be considered maintainer on all of them.
Is this possible? My first guess would be to use copy the key file on
all of those machines but the documentation didn't really explain what
exactly they sign.

First, there is a distinction between the git part, and everything else
(issues, patches, the project itself, and anything you might want to add
on top). The git layer doesn't really use the radicle stack - it just
pushes (/pulls) directly to IPFS.

As for the issues, etc.:

In theory, multiple people can "semantically" be maintainers, in the
sense of having extra rights such as merging PRs or closing anyone's
issues.

However, a *separate* notion is who the source of truth is. For the
latter, there is by default only one, to ensure consistency; and that
person has to be online when anyone else does any writes, whether
maintainer or not, since they co-ordinate (give definite ordering to)
writes. In essence, they're a synchronization point. This latter notion
is associated with the IPNS key for each machine. So unless you're
willing to risk inconsistency by having multiple entities have keys,
you're for now stuck with needing a designated computer being online for
writes.

We're working on a system, however, that (to a first approximation)
doesn't require you to trust the IPNS key-owner. They wouldn't have any
more power for having the key; they can't, for instance, rewrite
history, or break the semantics. So you can have someone who promises
high-availability hold the IPNS keys, but keep maintainership at the
semantic level, without risking anything.

As for the git part, there is no type of write that a non-key-owner can
do, so in practice you can only have one maintainer. (We have some ideas
of how to improve this, but don't really know when we'll get to it.)

In practice, you *could* copy IPNS keys to your other computers, but you
should understand this risks rewriting history. If A and B both have
keys, and A sends some new commits/issues/whatever, and B does that too
before having seen A's changes, one of their changes will get
overwritten. The chance of this could be fairly small in practice if A
and B are both your own computers, but it's still a bit dangerous. If you
want to still try this option out, I can write a little script to
find/export the relevant keys. Let me know.

Cheers,
  Julian

···

On Mon, Jul 29, 2019 at 02:26:32PM +0000, 'David Passens' via Radicle wrote:

Thank you for your time,
David Passens