joystream icon indicating copy to clipboard operation
joystream copied to clipboard

Published 20 hours ago verified publisher icon Joystream

Image Safety

Open bedeho opened this issue 3 years ago • 4 comments

Background

Many parts of the platform allow users to select image assets which displayed in reference applications like Atlas, Pioneer and future equivalents. Some assets are stored externally, and only referenced through URLs (as membership avatars currently are) and some are stored on Joystream DAO storage infra. The problem is that users are free to specify abhorrent content (i.e. content that the vast majority of people would have a very bad time being exposed to) which radically degrades the experience of using these products. For example, let's say someone buys a bunch of NFTs, which surfaces their ownership on a bunch of screens in Atlas, and then they swap out their membership picture to something abhorrent. This would really detract from the experience of the creators and their audiences. While there could be application host level curation of these things, it would be hard to do at scale, and the curation would be siloed.

Proposal

  • Membership evangelists (workers) can curate membership avatars.
  • Council members can curate candidate photos, through proposals.
  • Content curators can curate channel cover photos, channel avatars, membership avatars.
  • Bounty working group can curate bounty preview images.

Curation is basically just a signaling exercise which tells compliant front-ends to hide display, at least by default. These actions should not require new extrinsics, they should be sent as metaprotocol messages (#1990). This allows the community to easily update what can be curated, as the metadata standards for each subsystem starts to evolve.

There probably also should be some sort of on-chain signaling allowed so that curators can get inbound alerts.

┆Issue is synchronized with this Asana task by Unito

bedeho avatar Nov 20 '21 10:11 bedeho

I doubt proposals would work for a problem like this, especially if someone attempts a sustained attack.

mochet avatar Nov 22 '21 07:11 mochet

I doubt proposals would work for a problem like this, especially if someone attempts a sustained attack.

Yeah, needs to be leads or even workers.

bedeho avatar Dec 15 '21 18:12 bedeho

@bedeho we need your help to unpack this. Perhaps right after carthage good time to speak ab it on one of the standups themed urgent-post-mainnet

dmtrjsg avatar Jul 28 '22 10:07 dmtrjsg

Sounds good :) This issue is by far most sensitive in Atlas, and should probably be thought of together with the new reporting feature in the app, perhaps that feature would even be sufficient.

bedeho avatar Jul 28 '22 18:07 bedeho