Content pfp
Content
@
https://ethereum.org
0 reply
0 recast
0 reaction
shazow pfp
shazow
@shazow.eth
Safe{Wallet} frontend infrastructure was compromised. šŸ„ We need to reduce our dependence on centralized frontends! We need more independent frontends implementations or, better yet, generative frontends. At least one signer should use a different frontend. https://x.com/benbybit/status/1894768736084885929
6 replies
8 recasts
32 reactions
v1rtl pfp
v1rtl
@v1rtl.eth
what do you think of Blumen? Decentralized front-ends, with the domain managed by ENS and Safe + automatic replication of the IPFS distribution to multiple services https://blumen.stauro.dev
2 replies
0 recast
2 reactions
shazow pfp
shazow
@shazow.eth
I'm all for making it easier to deploy local-first frontends on IPFS/ENS/etc! But keep in mind, deploying the same vulnerable code on IPFS would not make it safe from the vulnerability. šŸ«  Independent implementations that don't share the same supplychain attack surface is what's important. I'd take two totally separate implementations hosted in separate centralized servers over two identical implementations both on IPFS.
1 reply
0 recast
1 reaction
v1rtl pfp
v1rtl
@v1rtl.eth
I understand and agree besides just the infra, the apps themselves have to be diverse, kind of like client diversity but for dapps specifically for Safe there actually was a few, Eternal Safe for example wdyt of having an index/aggregator of dapps or something like that?
1 reply
0 recast
1 reaction
shazow pfp
shazow
@shazow.eth
I actually really like Safe for that, they do a great job with their "marketplace" of dapps that implement the Safe SDK. I agree that Eternal Safe is cool, and hope it keeps getting better. I'd just love to see more from-scratch implementations for many reasons. Among them: I want to live in a world where it's *easy* to build independent implementations of things. If we forever rely on one magical implementation, there's no forcing function to make it easy to implement. Like if the worst case of worst cases happens and turns out everything is vulnerable, some competent devs should be able to take a weekend and build a new alternative from scratch if they must.
1 reply
0 recast
1 reaction