Updates on EP10 - Community Run Identity Server (Mid-April)

Hey all - just wanted to give a few updates since the passing of EP10 after the vote. Given that this is quite an experimental thing, we plan on sticking to as much transparency as possible as we go through the process of setup, group formation, and updates.

Hosting the Server

For the first step in this process, we will be establishing a new Cloudflare account to be owned by the DAO for the community-hosted IdP. As mentioned, the server is optimized to be both information minimizing and lightweight to be run as a Cloudflare Worker. We will begin to work out the best security and privacy practices to provide transparency and decentralized governance, with regular updates to the ENS forums.

Under a new repository, we will:

  • Clone the siwe-oidc repository with the OIDC-IdP source code to version lock it, adding supgroup approval requirements for code upgrades.
  • Fill the private configuration file with the relevant account id, secret, and more within GitHub CI/CD.
  • Publish and deploy the Cloudflare Worker using GitHub CI/CD.
  • Prepare to transfer the repository to a neutral GitHub organization to be determined.

We will then create onboarding guides for any delegate brought into the service as observer, administrator, or other role to monitor operations, perform account maintenance, or provide report-outs for the community as is appropriate per role.

These guides will also be made publicly available via a document that is shared, with sensitive information redacted as needed. This will ensure that individuals being onboarded are able to follow a clear set of instructions that are relevant to this task, and if Spruce were to ever be removed from maintenance duties, there is a clear way of onboarding a new maintainer.

As for the updates and maintenance of the server, this will come in the form of updates about the health of the server, any new updates or upgrades, and an open forum for questions or roadmapped suggestions possibly here on Discourse.

Subgroup and Retroactive Grants Process

Once some of the preliminary steps are ironed out, the subgroup will be open for anyone to join.

This post can be seen also as an open solicitation for folks that wish to indicate interest and remain informed. Once an initial group of members is set, the group will aim to meet on a monthly cadence via a call (with more or less as required), with asynchronous chat occurring on the Discourse forum in order to eliminate operational overhead.

The call will discuss anything related to the health of the server, any new grant requests from the subgroup’s allocation, and more. These calls will be recorded, with minutes posted publicly in order to keep full accountability.

As part of this proposal, the subgroup will be allocated $75,000 towards retroactive rewards related to efforts around Sign-In with Ethereum development, evangelism, and more.

In order to effectively grant those rewards, a process will be put in place by the initial set of members that will include how to request rewards, and what kind of accountability is required.


Next Steps:

  • Initial group outreach for collective administration of the IdP.
  • Solicitation for membership in the subgroup.
  • New Cloudflare worker deployed based on the above process.
  • Onboarding materials will be posted publicly.
  • First subgroup call scheduled.
  • Structuring proposal for grants process.

Raising hand for subWG participation :raised_hand:


Nice, it’s a really impressive initiative!

Under which workgroup will the subgroup be? I’m just curious.



1 Like

Thank you! I’m interested in participating in the subgroup.

1 Like

It’s under the Ecosystem WG. Check out the EP10 Snapshot for more info.

1 Like

I’d like to participate in the subgroup as well :slight_smile:

1 Like