Note: The bounties for reviews are posted in a pinned post on the CodeGov portal on DSCVR. Please verify that you understand the terms and conditions of the bounty before you spend time on the review. The bounty may change from time to time to help incentivize participation.
IC-OS Verification - build the IC-OS image from source, verify that the URL offers a good download, and verify that the sha256 hashes of your build and from the download match the hash submitted in the proposal payload. A method for accomplishing this task can usually be found in each proposal or on the Training page of this website.
Release Notes - perform a sanity check
A sanity check is open to interpretation, but might consider the following type of information:
Write a summary of your conclusions. The quality of your report will help you gain credibility and increase the payout you are able to receive from the CodeGov project.
It is especially important for your report to highlight changes that seem controversial or warrant further discussion before implementation
Note: deep dive security and bug audits are not the goal of the CodeGov project. That needs to happen over time by people and organizations in the IC community, but is not a practical expectation at this time for this project. DFINITY employs the best and brightest developers and researchers who thoroughly test, document, and review the code they push in updates. The value in the IC community reviewing Replica Version Management is to maintain an understanding and voice regarding what is changing and why it is changing.
To be eligible for the bounty, all reviews must include the output of the codegov.sh script described on the Training page.
To be eligible for the bounty for IC-OS Verification, you must include a screen capture that shows evidence of your IC-OS Verification
To be eligible for the bounty for Release Notes, you must submit a written report of your findings. Please note it is not necessary for every reviewer to review all release notes. Review what you can in a reasonable timeframe and clearly state which release notes you reviewed in your report. Over time we will figure out how to align reviewers so all release notes are covered by one or more person.
Please submit your work hours that you spent on your review. You will be paid for the max number of hours that are announced each week in the "Current Bounties for Reviewers" post that is pinned to the top of the CodeGov portal on DSCVR.one, so please manage your time accordingly.
Incentives for participating in these proposal reviews will be provided in the form of ckBTC tipping in the CodeGov portal in DSCVR. The amount of ckBTC will be determined each week based on what seems to be required to encourage participation. There will be a fixed bounty for every IC-OS Verification review plus a fixed hourly rate for people who perform reviews of Release Notes. Anyone who performs a review of the release notes is asked to submit their work hours at the end of their review. If no hours are submitted, then no bounty will be paid for review of the Release Notes. The bounty that is offered can grow or shrink based on number of participating reviewers and available funding each week and will be announced in a pinned post in the CodeGov portal.
A bonus may also be offered for anyone who discovers anomalies in the proposal details and code. This includes features not documented in the change description, issues/bugs/edge cases that weren't considered by DFINITY, a comment or suggestion for a change that is accepted by DFINITY, or identifying something about the proposal that causes a stir in the community of developers. The amount of the bonus will be determined by the Manager in consultation with select reviewers.
THERE WILL BE NO AIRDROPS FOR CODEGOV PORTAL MEMBERS. CodeGov exists to incentivize developers to take time each week to review important updates to the IC via the Replica Version Management proposal topic. Only people who perform these services will be tipped for their work.