Sorry for the very late application. (23:30 31/05/2020 BST)
I am putting myself forward for the MGRC. I have been an active member of the community since the big ASIC thread. I am currently on the Community Governance Panel and was heavily involved with the process that got us here. From writing and help writing numerous ZIPs to participating in all the voice chats and discussions surrounding NU4 and what happens with the dev fund.
I am only interested in zcash and have been part of bitcoin since 2010/2011.
I am very keen on seeing this process through and working out what needs to be done next.
I strongly believe that the MGRC is in a position to add requirements for professional security reviews and audits to key network applications. I have worked with a number of different companies that can provide these services. So has the ECC. I would like to leverage that knowledge as much as possible These can be additional and funded by the MGRC. I will use all my knowledge and skills to make this happen. I go into further details in this post.
I have a long history in software development, hardware and cryptography. I currently sell vulnerabilities to red teams and pen test companies. I find these mainly through reverse engineering and automation. I have worked in development for 18+ years and am familiar will most development lifecycles and constantly working with different teams. I predominantly come from a testing and security background. I have been responsible for budgeting, resource management and dev life cycles for blue chip companies.
Because my work now is for myself and is highly automated I have quite a lot of time to dedicate to other things. I would like to put that time towards working on making zcash a more complete and well rounded software ecosystem. I am not sure if this will be a full time role, if however it does turn out to be I can and am willing to put the time in and do what is required.
I think that the first year for the MGRC will be different to the next ones. Mainly because it is new and needs quite a bit of documentation and working out how best to proceed. This is going to require conversations between recipients, potential recipients, the foundation, CGP/CAP and internally within the MGRC.
I see the main areas that need to be sorted for a decent foundation will be documenting, writing up the processes and ironing out best practices / strategies for accounting, transparency, accountability, community feedback, taxes, protocols and maybe most importantly, communication.
A lot of this is not “forward facing”, but once it is done it will be easier for people to follow. The people who take this through the first year may well not be the best people to keep it running, they are different skill sets. and I think it might take up to 18 months to get it up and running fully, depending on how this works out and the amount of time people can commit.
It is essential that all the work that is being done, forward facing or not, is fed back to the community. If this role were to receive some form of remuneration then it is essential that the community knows where and why their zec is being spent. The dev fund is to make zcash technology a viable long term asset to the world and that means everything must be accountable.
Regarding remuneration, I didn’t initially think this role would be compensated. If it is more than 8 hours a week over an 8 week period I would like some form of compensation.
To further elaborate on this: (added on 1/9/2020)
I am applying for this position out of love for zcash and the zcash mission.
From what I can see all the candidates are asking for little to no money. I strongly believe these candidates will proactively work to forward zcash regardless of remuneration. The zfnd has graciously agreed to act as arbiter of “fair market value” and it is pretty clear they are very generous / fair with these. I am sure they can do the same to evaluate the hours spent by the MGRC that is not already outlined. - I for one am very happy to put in the work, let someone else (zfnd) decide what it is worth (if it is worth anything at all, quite a lot of work isn’t.) and go from there. It is very similar to the nature of my current work, bounties, you never really know what something is worth until you try to sell it.
If I spend 4 hours a week on admin and communication, I really don’t feel strongly about being compensated for this, I think ambivalent might be too strong a position for me. I really respect the zfnd offering to compensate for the grant specific related work.
Achieving the mission is my goal - if any of my skills can help realise this, then I will do what is needed. I have sunk a lot of unpaid time into this already and I have a lot of things I can bring to the table to compliment the MGRC in its grant making decisions. Specifically around formalised security processes. (I am not a guru on this, but I know what they are, what they should look like and how to read/generate the reports.)
I really think that the MGRC using some form of Requirements Based Processes (something like IBM DOORS/Microsoft Tactics) would go a long way to help standardised common security practices across independent projects. Projects getting MG’s will have to show they have done their due diligence as part of the submissions process. I can certainly point applicants to companies that have skills to perform this work, be it for cryptographic stuff, code analysis stuff, network stuff or web based stuff or some combination of the above.
I have put a lot of effort into getting us to where we are now and would really like the chance to take this further.
I really thank the ecc and zfnd, for giving the community this amazing opportunity. It really does quell any criticism or concerns I have ever had about their intentions. Particularly @zooko, big respect. - The fact I can even apply for this position speaks volumes to your true intent. If I get elected I will not squander this opportunity.
(/end further elaboration)
Please feel free to ask me some questions and I hope to get your vote.
Some zcash stuff I have done:
Wrote and championed a number of NU4 proposals.
I am part of the CGP/CAP.
I am heavily involved with the community and moving forward with zip 1014.
Part of a team that made a hardware wallet. (fpga based)