You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Delegation Framework DelegationManager smart contract has no constraints on what enforcers can be applied to transactions.
While incredibly powerful, also potentially very dangerous. Users can't be expected to validate the addresses/terms of enforcers and understand how they operate at a technical level.
Because of this, it's important/critical for wallet interfaces to properly protect users from unintended risk and malicious enforcers during the authorization signature sequence.
But, we have to ask the question...Is the wallet interface enough?
Hypothesis
A DelegationManager with onchain constraints can considerably lower unintended risk for users.
As an advocate for freedom I understand the openness of the DelegationManager and why it's important to have an implementation without limits.
But for user's who have an incomplete understanding of the security model it introduces hidden risks.
It's a very likely outcome that users will accidentally sign delegations that contain malicious intent via unauthorized enforcers.
Experiment
Develop a DelegationManager smart contract that has support for whitelisted enforcers, plus a governance model for maintaining that enforcer list. It might also be worth exploring a new terms validation system to further constrain interactions with authorized enforcers.
Plus, create a rubric for constrained DelegationManagers that can be applied to different user personas.
For example, a user that expects to only use a wallet for everyday payments can be given a very constrained set of enforcers, compared to a user that expects highly optimized onchain interactions, via triggers and conditions, with decentralized finance (DeFi) protocols.
Goal
Limit users exposure to undesired risk, relative to their expressed goals.
Better understand how to properly secure users at each "stage" of an onchaining experience.
The text was updated successfully, but these errors were encountered:
Context
The Delegation Framework DelegationManager smart contract has no constraints on what
enforcerscan be applied to transactions.While incredibly powerful, also potentially very dangerous. Users can't be expected to validate the addresses/terms of enforcers and understand how they operate at a technical level.
Because of this, it's important/critical for wallet interfaces to properly protect users from unintended risk and malicious enforcers during the authorization signature sequence.
But, we have to ask the question...Is the wallet interface enough?
Hypothesis
A
DelegationManagerwith onchain constraints can considerably lower unintended risk for users.As an advocate for freedom I understand the openness of the
DelegationManagerand why it's important to have an implementation without limits.But for user's who have an incomplete understanding of the security model it introduces hidden risks.
It's a very likely outcome that users will accidentally sign delegations that contain malicious intent via unauthorized enforcers.
Experiment
Develop a
DelegationManagersmart contract that has support for whitelisted enforcers, plus a governance model for maintaining that enforcer list. It might also be worth exploring a newtermsvalidation system to further constrain interactions with authorized enforcers.Plus, create a rubric for constrained DelegationManagers that can be applied to different user personas.
For example, a user that expects to only use a wallet for everyday payments can be given a very constrained set of enforcers, compared to a user that expects highly optimized onchain interactions, via triggers and conditions, with decentralized finance (DeFi) protocols.
Goal
Limit users exposure to undesired risk, relative to their expressed goals.
Better understand how to properly secure users at each "stage" of an onchaining experience.
The text was updated successfully, but these errors were encountered: