Deliverables

Note: The bounties for proposal reviews are posted in the Channel Details of the Bounty Payments channel of the CodeGov community on OpenChat.  Please verify that you understand the terms and conditions of the bounty before you spend time on the review.  The bounty may change from time to time to help incentivize participation.

Review Goals

• IC-OS Verification - build the IC-OS image from source, verify that the URL offers a good download, and verify that the sha256 hashes of your build and from the download match the hash submitted in the proposal payload.  A method for accomplishing this task can usually be found in each proposal or on the Training page of this website.

• Release Notes - perform a sanity check

  1. A sanity check is open to interpretation, but might consider the following type of information: 

     • relevance of the changes

     • consistency between code and descriptions

     • correlation of changes to previous governance motion proposals

     • discrepancies, errors, and inconsistencies that should be a surprise to developers or the IC community

  2. Write a summary of your conclusions.  The quality of your report will help you gain credibility and increase the payout you are able to receive from the CodeGov project.  

     • It is especially important for your report to highlight changes that seem controversial or warrant further discussion before implementation

  3. Note: deep dive security and bug audits are not the goal of the CodeGov project.  That needs to happen over time by people and organizations in the IC community, but is not a practical expectation at this time for this project.  DFINITY employs the best and brightest developers and researchers who thoroughly test, document, and review the code they push in updates.  The value in the IC community reviewing Replica Version Management is to maintain an understanding and voice regarding what is changing and why it is changing.

Review Requirements

• All proposal reviews must be submitted within 48 hours after the Replica Version Management proposal was submitted to the NNS.  The report must be submitted by commenting on the poll for the proposal you are reviewing in the CodeGov portal on DSCVR.

• To be eligible for the bounty, all reviews must include the output of the codegov.sh script described on the Training page. 

• To be eligible for the bounty for IC-OS Verification, you must include a screen capture that shows evidence of your IC-OS Verification

• To be eligible for the bounty for Release Notes, you must submit a written report of your findings.  Please note it is not necessary for every reviewer to review all release notes.  Review what you can in a reasonable timeframe and clearly state which release notes you reviewed in your report.  Over time we will figure out how to align reviewers so all release notes are covered by one or more person.

• Please submit your work hours that you spent on your review.  You will be paid for the max number of hours that are announced each week in the "Current Bounties for Reviewers" post that is pinned to the top of the CodeGov portal on DSCVR.one, so please manage your time accordingly.

• Please use a single comment to contain all details of your report.  If you make a mistake that needs to be corrected or need to add more information, then edit your comment to make changes to your original comment.

• Don't forget to vote on the DSCVR poll for the proposal.

Quality Control

• All reviews are public.  The hours reported by each Reviewer will be accepted on an honor system.  Reviewers can upvote / downvote and comment on each others work.  Consistently poor quality work may result in removal from the Reviewer role.

Bounties

Incentives for participating in these proposal reviews will be provided in the form of ckBTC tipping.  The amount of ckBTC will be determined each week based on what seems to be required to encourage participation.  There will be a fixed bounty for every IC-OS Verification review plus a fixed hourly rate for people who perform reviews of Release Notes.  Anyone who performs a review of the release notes is asked to submit their work hours at the end of their review.  If no hours are submitted, then no bounty will be paid for review of the Release Notes.  The bounty that is offered can grow or shrink based on number of participating reviewers and available funding each week and will be announced in a pinned post in the CodeGov portal.

A bonus may also be offered for anyone who discovers anomalies in the proposal details and code.  This includes features not documented in the change description, issues/bugs/edge cases that weren't considered by DFINITY, a comment or suggestion for a change that is accepted by DFINITY, or identifying something about the proposal that causes a stir in the community of developers.  The amount of the bonus will be determined by the Manager in consultation with select reviewers.

Airdrops

• THERE WILL BE NO AIRDROPS FOR CODEGOV COMMUNITY MEMBERS.  CodeGov exists to incentivize developers to take time each week to review important updates to the IC via the Replica Version Management proposal topic.  Only people who perform these services will be tipped for their work.