Plan for removing the sovrin token.

[esplinr]

No description provided.

[askolesov]

Look really great! I've suggested only minor improvements.

[askolesov]

Great work

[esplinr]

For reviewers: a convenient link to the PR for the Indy HIPEs that are linked in the SIP.

[WadeBarnes]

The Jenkins CI/CD process(es) runs the tests in containerized environments. If the test run on a developer's machine, they will run on the equivalent containerized environment during the build process.

[esplinr]

I have no confidence that the tests will run on a developer's machine.

[WadeBarnes]

Current test failures are due in whole to dependency issues, details provided in the RC channels. Once those are addressed the tests will function in the containerized environments under Jenkins, or on a developers machine.

[WadeBarnes]

indy-sdk 1.16.0 was built 2021.02.21, moving forward, testing would need to migrate to the tools adopted by the community. This would be the same for indy-node.

[esplinr]

Agreed. But we have volunteers to do that work for indy-node, and no one to do that work for the token.

[WadeBarnes]

Without the plugin (once the ledger has been frozen and the plugin removed) how can the ledger history be validated when there have been transactions processed by it?

[esplinr]

Wade asks:

Without the plugin (once the ledger has been frozen and the plugin removed) how can the ledger history be validated when there have been transactions processed by it?

The SIP explains:

Sovrin StagingNet is a stable ledger for demonstration and testing purposes. It is widely used even though no guarantees are made about the history of StagingNet. It is intended to be reset regularly but has never been reset in practice.

Sovrin BuilderNet is used to test new Indy releases for stability before the other Sovrin networks. It is useful for developers building solutions, but makes no guarantees about preserving history. BuilderNet was reset in June of 2020. It has an initialized token ledger and a history of only a few token transactions that include two SET_FEE transactions.

This policy is based on the Sovrin Steward Technical and Organizational Policies v2:

4. If at any time for any reason Personal Data is discovered on the Permissioned Test
   Network:
   a. The Sovrin Foundation MUST be notified immediately.
   b. Within 48 hours of notification, the Sovrin Foundation MUST reset the Permissioned Test Network to erase the Personal Data.

But per @WadeBarnes 's suggestion, I made it more explicit here:

3. The history of transfers of value will be unrecoverably lost when the token ledger is dropped during the plugin removal. This is appropriate, because token transactions are only on the test networks (StagingNet and BuilderNet) where the history is not expected to be permanent (see Sovrin Steward Technical and Organizational Policies section "Permissioned Test Network Policies").

Edit from @WadeBarnes:
This covers the scenario where the ledger is dropped. What if the ledger is retained? i.e Ledger frozen, ledger (data) retained, plug-in removed (uninstalled).

[esplinr]

This covers the scenario where the ledger is dropped. What if the ledger is retained? i.e Ledger frozen, ledger (data) retained, plug-in removed (uninstalled).

I don't see how that is relevant to this SIP. Operation of the network is unaffected either way. We put in the extra effort to cleanly remove the data by dropping the ledger, because we want to leave the network in the best state for long term maintenance.

• On MainNet, keeping an additional empty ledger around forever could cause us future complications simply due to the added complexity. Years in the future, it won't be obvious what the unused empty ledger is for.
• On StagingNet and BuilderNet, I don't see why we would retain test data on a test network that by policy can be deleted at any time.

But it doesn't really matter either way.