Content pfp
Content
@
https://ethereum.org
0 reply
0 recast
0 reaction
shazow pfp
shazow
@shazow.eth
Safe{Wallet} frontend infrastructure was compromised. 🥁 We need to reduce our dependence on centralized frontends! We need more independent frontends implementations or, better yet, generative frontends. At least one signer should use a different frontend. https://x.com/benbybit/status/1894768736084885929
6 replies
8 recasts
33 reactions
shazow pfp
shazow
@shazow.eth
I built WhatsABI specifically for this thesis: In the future, most transactions will be made from generative interfaces (maybe directly by the wallet). The goal is to make this future easier to build and accelerate it. callthis.link is an example of a generative transaction builder. Can you do better? I'll help!
1 reply
1 recast
11 reactions
I. Christwin〔▸‿◂〕💡 pfp
I. Christwin〔▸‿◂〕💡
@ichristwin.eth
I love this vision. But then it would really take a lot of work to get this to be the norm while maintaining better security than the status quo. Reliance on wallet vendors or other parties for generative interfaces might still be attcked just like Safe{wallet} infra. (IMO) 🤔 How different is Rabby, Rainbow, Trust, or Coinbase wallet from Safe actually? The only difference I see is that it's a lot easier to map perspective hack targets, to associated infrastructure to compromise, is the case of Safes particularly. EOAs are kinda pseudonyms with respect to the underlying wallet infra.
1 reply
0 recast
1 reaction
shazow pfp
shazow
@shazow.eth
If we have smart wallets that require multiple signers (think of it like MFA), then each signer can be a different implementation, some can be generative. It's similar to client diversity for ethereum nodes. A single compromised node should not take down the whole network. It doesn't help us if everyone runs geth.
1 reply
0 recast
1 reaction
I. Christwin〔▸‿◂〕💡 pfp
I. Christwin〔▸‿◂〕💡
@ichristwin.eth
Yes diversifying singer implementations is a really nice idea. 😃 I've used Rabby to sign tx on my mobile, but it seems the same APIs as app.safe.global. I assume this because safe tx Rabby halted too after Safe halted there's. Helpful it's not the same, and client diversity for smart wallets begin to materialise.
1 reply
0 recast
1 reaction