EarthFast
@earthfast
🔒 How EarthFast enables secure decentralized frontends 🔒

EarthFast is designed to be the most secure protocol for decentralized frontends, offering more security guarantees than IPFS and other existing solutions.

https://docs.earthfast.com/security

Thread on how this works 🧵
1 reply
1 recast
3 reactions
EarthFast
@earthfast
Tamper Resistance & Transparent Versioning

When an EarthFast asset bundle is built, a hash is computed for each file and committed onchain. This is done for each version of the site, and updates are controlled by an onchain entity owned by the project or its community. When the site is loaded, each piece of content is validated against that hash, else the file is rejected.

This prevents:
– Man in the middle
– Compromised node
– Unauthorized updates
2 replies
0 recast
3 reactions
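The load-time check described in the post above, as an added example that is not part of the thread and is not EarthFast's code. It assumes SHA-256 as the hash, a plain dict standing in for the per-version record committed onchain, and hypothetical names throughout (`build_manifest`, `verify_file`, `load_site`); the sample files are constructed.

```python
import hashlib
import hmac

class RejectedContent(Exception):
    """Raised when served content does not match the committed hash."""

def file_hash(body: bytes) -> str:
    return hashlib.sha256(body).hexdigest()  # SHA-256 is an assumption

def build_manifest(bundle: dict) -> dict:
    """Build step: one hash per file in the asset bundle."""
    return {path: file_hash(body) for path, body in bundle.items()}

def verify_file(manifest: dict, path: str, body: bytes) -> bytes:
    """Return the body only if it matches the hash committed for this path."""
    expected = manifest.get(path)
    if expected is None:
        raise RejectedContent(f"{path}: not listed in this version")
    if not hmac.compare_digest(file_hash(body), expected):
        raise RejectedContent(f"{path}: hash mismatch")
    return body

def load_site(record: dict, version: int, served: dict):
    """Return (accepted files, rejection reasons) for one page load."""
    manifest = record[version]
    accepted, rejected = {}, {}
    for path, body in served.items():
        try:
            accepted[path] = verify_file(manifest, path, body)
        except RejectedContent as exc:
            rejected[path] = str(exc)
    # A node that omits a committed file is reported as well.
    for path in manifest.keys() - served.keys():
        rejected[path] = f"{path}: listed but not served"
    return accepted, rejected

# Constructed sample data: two site versions and what a content node returns.
V1 = {"index.html": b"<script src=app.js></script>", "app.js": b"render('v1');"}
V2 = {"index.html": b"<script src=app.js></script>", "app.js": b"render('v2');"}
RECORD = {1: build_manifest(V1), 2: build_manifest(V2)}  # stand-in for the onchain record
SERVED = {
    "index.html": V2["index.html"],  # unmodified
    "app.js": V1["app.js"],          # stale v1 file served for v2
    "extra.js": b"render('x');",     # file that is in no committed version
}

if __name__ == "__main__":
    ok, bad = load_site(RECORD, 2, SERVED)
    print(sorted(ok), bad)
```

Only `index.html` is accepted here: the stale `app.js` fails the hash comparison for version 2, and `extra.js` has no committed entry to validate against.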
EarthFast
@earthfast
Network Attacks & Single Points-of-failure

Projects can use multiple domain and content nodes, each independently registered & staked onchain.

This prevents:
– DDoS
– Sybil attacks
– Malicious nodes
1 reply
0 recast
3 reactions
xh3b4sd ↑
@xh3b4sd.eth
The problem that victims have in our industry is not so much content hashes, but rather how content is represented for the victim. What I would like to see is an analysis of the tradeoffs that you chose because your approach increases the complexity of the system and opens up new attack vectors.

* How do I know that my browser renders the content as hashed onchain?
* How do I know there aren't additional assets producing malicious hash collisions?
* How do I know the origin of content delivery is an honest node?
* How does this approach help with phishing, redirects and domain squatting attacks? (well, it doesn't)

I think what you are doing is great, but I am not sure this solution really addresses the core problems of UX security. The only thing that can increase transaction verifiability is multiple independent verification devices that all tell the same story. We have to assume that any single frontend is always compromised. There is no way around that fact.
0 reply
0 recast
0 reaction