A Safe dApp Ecosystem: Our Vision

Coinspect Security
Dec 8, 2023

Phishing and compromised dApp front-ends pose significant risks, not only to individual users but also to the broader adoption of Web3 technologies. In this post, we’ll share a concept that has been a topic of internal discussion at Coinspect for years.

Identifying the challenge

The technical and cultural challenges we identified discouraged us from implementing and disclosing earlier versions of our proposal. Based on our extensive experience in information security and technology, we understand that imposing restrictive measures on developers in the name of security is often counterproductive. For instance, a standardized dApp UI definition language to generate a safe GUI from an on-chain document is potentially a secure solution, but it would work against UX innovation. App development practices evolve quickly; innovation and experimentation are critical to improving the Web3 experience. There are better approaches than limiting developers. We must give builders the tools to develop safer dApps without compromising productivity and creativity.

Our approach

Our strategy to enhance dApp security involves two fundamental approaches: first, we’re committed to supporting projects that enable the development of secure, decentralized front-ends; second, we propose a monitoring and alert system that not only detects malicious activities but also encourages dApp developers to adhere to best practices, fostering a safer Web3 environment. We’ll share more details about this monitoring system in future posts. In the next section, we introduce our idea to bootstrap a safer dApp ecosystem.

Secure dApp Launcher

Objective: To enhance the Web3 security and user experience by creating an open, decentralized application (dApp) launcher that mirrors the convenience and familiarity of mobile app stores without sacrificing the decentralization and security principles fundamental to this space.

UX Components

Unified dApp launcher: A single application, potentially in the form of a local file loaded by the browser, an extension, or integrated into popular wallets, serving as a gateway to various dApps. This interface will resemble a traditional mobile app launcher, with visually appealing icons for each dApp and a user-friendly search function similar to a browser address bar.

Safe dApp Discovery: A dApp discovery process that prioritizes authenticity and integrity. It will be designed to prevent deceptive practices such as mimicry, typo-squatting, and homoglyphs. This approach ensures that while the platform remains open without centralized censorship or restrictive acceptance criteria, it maintains a high standard of user safety. Users decide which curators to trust instead of relying on the centralized authority of mobile marketplaces.

Implementation

Building this system, which is analogous to a secure bootloader chain without predefined certification authorities, requires:

Standard dApp Packaging: Develop a standardized method for packaging and digitally signing dApps. The standard dApp packaging enables an integrity verification process to ensure that only applications from builders trusted by the user are accessible through the loader.

Flexible Signature Verification: Implement a robust signature verification system within the loader. This system ensures that each dApp accessed through the platform is authentic and has not been tampered with. Each dApp package can be signed by multiple entities, and each individual entity can implement its own multi-signature mechanism, including on-chain governance protocols.

Reproducible Builds: Create the tools to integrate reproducible builds in the development process of this system and each individual dApp. This ensures that the distributed code can be independently verified to match the publicly available and reviewed source code.

Nice to have

Subresource Integrity for Bootstrapping: Leverage subresource integrity (SRI) to establish a minimal, easily recognizable HTML file. This file serves as the foundation for bootstrapping trusted dApps. Its unchanging nature allows for wide dissemination, even through non-digital means like printing on merchandise (e.g., t-shirts), to promote widespread recognition and trust.

Downgrade prevention: An authentic dApp package can have bugs or vulnerabilities, and attackers could trick users into using old and vulnerable versions. An on-chain directory could prevent this.

Incentives for front-ends: A flexible authentication system allows users to safely use alternative implementations of front-ends and download the signed packages from untrusted sources. An incentive protocol can be included to prompt alternative front-ends and hosting solutions.
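
As an added illustration (not Coinspect's code or a published specification), here is how a loader might combine the packaging, multi-signer verification and downgrade-prevention ideas above. The manifest fields, the integer release counter, the Ed25519 keys and the in-memory `minVersion` map standing in for an on-chain directory are all assumptions.

```javascript
// Added example; every name, field and value below is hypothetical and constructed.
const { createHash, generateKeyPairSync, sign, verify } = require('node:crypto');

const sha256 = (buf) => createHash('sha256').update(buf).digest('hex');

// Bytes each signer signs: name, version and content digest bound together, so a
// signature cannot be moved to another package or another release.
const signedPayload = (m) => Buffer.from(JSON.stringify([m.name, m.version, m.digest]));

// trust = { keys: Map(signerId -> public key), threshold, minVersion: Map(name -> int) }
// minVersion stands in for the directory of current releases (on-chain in the post).
function checkPackage({ manifest, content, signatures }, trust) {
  if (sha256(content) !== manifest.digest) return { ok: false, reason: 'digest mismatch' };
  const min = trust.minVersion.get(manifest.name) ?? 0;
  // Written as !(v >= min) so a missing or NaN version is rejected too.
  if (!(manifest.version >= min)) return { ok: false, reason: 'downgrade' };
  const payload = signedPayload(manifest);
  const valid = new Set(); // a Set, so one signer repeating a signature counts once
  for (const { signer, sig } of signatures) {
    const key = trust.keys.get(signer); // signers the user has not chosen are ignored
    if (key && verify(null, payload, key, Buffer.from(sig, 'base64'))) valid.add(signer);
  }
  if (valid.size < trust.threshold) return { ok: false, reason: 'too few trusted signatures' };
  return { ok: true, signers: [...valid].sort() };
}

// Constructed sample data: a builder and an auditor the user trusts, one unknown signer.
function demo() {
  const [builder, auditor, unknown] = [1, 2, 3].map(() => generateKeyPairSync('ed25519'));
  const pack = (version, body, signers) => {
    const content = Buffer.from(body);
    const manifest = { name: 'example-swap', version, digest: sha256(content) };
    const signatures = Object.entries(signers).map(([signer, kp]) => ({
      signer, sig: sign(null, signedPayload(manifest), kp.privateKey).toString('base64'),
    }));
    return { manifest, content, signatures };
  };
  const trust = {
    keys: new Map([['builder', builder.publicKey], ['auditor', auditor.publicKey]]),
    threshold: 2,
    minVersion: new Map([['example-swap', 7]]),
  };
  const good = pack(7, 'console.log("v7")', { builder, auditor });
  return {
    good: checkPackage(good, trust),
    tampered: checkPackage({ ...good, content: Buffer.from('console.log("modified")') }, trust),
    old: checkPackage(pack(6, 'console.log("v6")', { builder, auditor }), trust),
    weak: checkPackage(pack(7, 'console.log("v7")', { builder, unknown }), trust),
  };
}
```

The release signed for version 6 carries two valid trusted signatures and is still refused, which is the point of checking the directory in addition to the signatures.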

Step by step

This post intends to cover only some design attributes to start the conversation. Please share your thoughts, spread the word, and stay tuned for more updates; we’ll make this vision a reality, one step at a time.
