We at the Mastercoin Foundation take pride in our privacy and security,
and would like to make the following announcement regarding use of PGP
within the organization. Looking forward, our team will use PGP to sign
and verify commits in all our upstream repositories, and these dev blog
posts will be verified with a signature every time. This ensures consistency
and security, to know the folks behind the product, and to understand
the implications of downloading and executing our code.
Web of Trust
Our web of trust is based on a secure network of face-to-face confirmations
and keysignings. Currently, our web of trust is as follows:
– – – – – Zathras, Core Developer (BE91B32B)
– – – – – Michael, Core Developer (612F1CEF)
– – – – – Shannon Code, Head of Security (65C309B9)
– – – – – Marv Schneider, Product Manager (9BF81EFD)
– – – – – Nevtep, Developer (6D463F34)
– – – – – Bart Wyatt, Developer (A12BB6C8)
– – – – – Adam Chamely, Omniwallet Lead (83A266F3)
– – – – – Sean Gilligan, Developer (6E4EE875)
– – – – – Faiz Khan, Developer (8C399E1F)
We have a highly trusted network of developers who merge code, accompanied
by an untrusted network of external developers who submit pull requests to
be reviewed by the trusted parties. This process is managed by “merge leaders”
who lead the feature direction and development discussion. The developers
take lead from these leaders and follow suit committing code that suits
the current milestones.
This state will likely never change as we transition forward into a model
of continuous integration (see https://en.wikipedia.org/wiki/Continuous_Integration).
The Omniwallet and Master Core teams look forward, as always, to lead
these security efforts. Our merge and scrum leaders are Adam, Marv,
Zathras, Sean and Michael.
Shouts to Adam, DexX, Craig, Ron and anonymous others for assisting in the
editing of this post.
“Pleasure. Life is pleasure expressed.”
– Ron Gross
Full, PGP signed article linked here