Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
Smart Token Labs / Presentations & Workshops / 10 Dec 2019
Smart Token Labs / Presentations & Workshops / 10 Dec 2019
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: How Do We Make Dapps as Secure as the Underlying Ethereum by Weiwu Zhang (Devcon5)

Description

Visit the https://archive.devcon.org/ to gain access to the entire library of Devcon talks with the ease of filtering, playlists, personalized suggestions, decentralized access on IPFS and more.
https://archive.devcon.org/archive/watch/5/how-do-we-make-dapps-as-secure-as-the-underlying-ethereum

Web3.js is a Javascript API for web applications (dapps) to access Ethereum blockchain. However, its security assumption inherited the security assumption of an Ethereum node, which is entirely open to the node's owner. The privacy and security consequences of that assumption are two-fold.
First, a web application can learn sensitive information about the user.
Second, the web application can feign a representation of blockchain data to be another or even tricking users to signing obfuscate transactions. A website which simply draws a crypto kitty would look no different than another which reads the user’s kitty from Ethereum smart contracts.
Much makeshift work has been down for this underdesigned infrastructure. For example, MetaMask resorted to hardcoding CryptoKitty and requesting permission to read the user's address. However, only so much patches could do. Furthermore, such patches weren’t designed with abstraction to accommodate next-generation blockchains with privacy and efficiency improvements. For example, failing to find truth quickly using the low-level interfaces provided by web3.js, many dapp browsers resorted to relying on a centralised token status database.
The speaker presents a design which abstracts token interface away from low-level Eth-node interface, remodels the basic web code trust inheritance for practicality and security. It involves high-level API for web applications and a secure, WebAssembly based sandbox running signed code designed to embed in the Web itself.


Speaker(s): Weiwu Zhang
Skill level: intermediate
Track: Security
Keywords: technical

Follow us: https://twitter.com/efdevcon, https://twitter.com/ethereum
Learn more about devcon: https://www.devcon.org/
Learn more about ethereum: https://ethereum.org/

Devcon is the Ethereum conference for developers, researchers, thinkers, and makers.
Devcon 5 was held in Osaka, Japan on Oct 8 - 11, 2019.
Devcon is organized and presented by the Ethereum Foundation, with the support of our sponsors. To find out more, please visit https://ethereum.foundation/

A

Today topic: how do we make well as secure as much change so before I go into application? Let's remind will be hundred and end up here how many security web apps and connect web and what energy so.

B

What.

A

Was very pretty much talking as.

A

Far as much progress, so we spend on JavaScript context.

A

Okay, so.

A

Then you can access, it was Polina.

A

Stop well every time and then continue from there. We have me confused interceptions functional pattern. User, don't know there sighing. So what we do right here says if you're following us, a transaction is kind of comprehendible and then with a lot of variation of this wonders what we do we like for us now we have the tokens that are more complicated than traditionally are see. We have competitive, they actually have color the usual eyes. I saw a high special and it's what we do it hard code them into the browser.

A

So this is how we ended up here. So this is what I call this process: everything the property and solving immediately within the most ready solution, voice, recording the design space. So it's like there's somewhere a merest accident somewhere else. It is. Our topic is hearing the better way, which is an outward, probably learn how to solve so the problem. What.

A

Test people wants to because Webster is a centralized blockchain connected and people wants to see the truth he wants to see which bit of information on what is actually under my cot, witness they have been to trust the way.

A

The other thing is operability, it's quite important because traditionally, whether what system is a giant and nobody help you centralize components, but users expectation is to buy one serving a level of service that can be provided by the Hollywood is decentralized components, work together, and then we have the policy that fewer users are always active, expecting that Westar is a new product, but something that the user is able to catch when they want to do without giving away their parasites haha and then, finally, you have security, which means you know together, we have only the custodian of their asset because to know what they are doing with their pet.

A

The Sun concession there's a new transaction which we have any other questions detective. They are not attending to be giving away.

A

Now, given this is that werster is going to solve, I was nervous to analyze how well it's a public assault. This is one example: I imagined it is called teaching in the garden. What it does is it draws property. If you have a property at any point, then he was to a garden network. That's all still.

B

On it,.

A

As a tokenized version of hello world, they need to see a family in some complex now traditionally,.

A

Earning money, this region- this is hard to awakes, use, request data and web service JavaScript and America, and these tiles finish name and our end users. Browser search access in general, get information on the total SS in smartphones that functions. Getting the color 50 painting is not hat and roll it a really nice. Now, let's look at trusting opportunity, promising security. So stick.

B

It was first how.

A

Does you know that the Kentucky team is actually rendered using the data, but this quantity all whether or not the the web server is doing that in JavaScript to inquire, get information and not the balance of the entire contract for another, and then we offer ability. So if, in this case, it has is duty to they're the new one is sometimes that players flying events, so I suppose could be keeping a daily functions like this.

A

You get is that they made a function of X it is here is, if you have a them, then how do you know this moving part of the centralized components? How do we know if the website has updated our code to do this functions? That's it all fertility, and then we have privacy so apparently in charge, and what's that gets the data from the blockchain and rendered on web.

A

But what is there is a now another arrow coming from this website which things back that have to do a self, so the user doesn't know how much what serves what says, what I can learn as well, and then we have the final. The security issue, issues, influence and transaction essentially transaction is assembled by a call. You don't know who wrote of an amount of trust. So in fact it was this open area that this model is move on.

A

This model user request data from the web server, what somebody's newsletters about JavaScript, I'm sure the best users in here address user.

A

Human then gives the him address to the server and certain can go. Look at the kitten data results. There's no need for the users and have had access to be very watchable. If user doesn't have access to learn about channel. How does user know any informations? True? In fact, you can produce this in with just the picture, a screenshot of the kitten sitting on the family pattern and the user, but have no way to know if this is his kitchen table.

A

Not so the solution would be in this very simple example is to build a long time. Nothing is an area secured area in an open space that it's used, however, but independent on the web.

A

So officially anomaly I probably look like this, so normally just look like it in front of others.

A

So if user move mouse over this type, which shows that there's our wine Enclave on the web, then this clicking is highlighted. So you don't know this palette. Omission is an outlier. This is salt from watching truth. So, with this boundary construct, the partner will be like this. The website request through healthy team this time the what does not wasn't enough, provide direct instructions that have got this information is in that meditative hold resonance, secure, complain and secure college from patrons dream.

A

Sign code provided by retro huge of trustees, forces that a cutie privacy is protected here, because he does not ask for anything so asking you the truth, which pretty much familiar to know whatever no need to know. Now you haven't you and what is the color that was haven't? They asked, doesn't even talk, bankrupt and the kitchen, the clean side, Nicole reading the security unveiled provide information then recover and this week post with a security company. So that's really listening exit game first, so the user access parity.

A

It doesn't sacrifice anything so user knows insecure today because participated so that we've got trust and then then it opportunity if the Kentucky team is also a very sleek, is okay and we can update their zone very cold to manage security. None table was happy medium because, what's that, only care about what we regard as what's up hours or keeping garden and then get pretty as I demonstrated like you are sparking.

A

As you give you names idea to tell you locality, security Ontario has interprets protect me forever, and then we will get security said if any transaction has to be signed. It is started for me, but asking certain things to be done and that action is performed in gunplay as actually following the route is permissible, so this will separate into a common web.

A

Now, if you ran this technology, you need a way to deliver clean, signed code to the security company and that's the technology. We have been working on in spirit.

A

What it does is, it has tokenization like many positions and things what you are seeing doesn't come home, Allegra attributes like how to get colors eye color already tea and then in their transactions that what transactions are possibility. Anything comment can.

A

And secured rezoning like what kind of information is accept and secure Enclave which website, whether or not attestations will help under Montana can be forwarded to the cyber security and then we have permits. So we have cars cars, a visual renderable pattern. So if I have a key card much too short in email and then we have very actions, actions other things that perceptions users can compile for this program and understand, believes this actions might not entirely provided our killer.

A

For example, if you send them somewhere, my dear let's clarify history and provided better addition contractor product by DIRECTV, then you has a collateralizing contract author can provide an action that is apply word to use its best actually, but finally, you have the signatures. The reason I put water person shows up here is because your might need it. There might be multiple source of trust in it.

A

So just as I was explained, the kitty is drawn in with code assignment by echo, to hit him but collateralization of Nikita as an action that can be done in teams that might be signed by someone else. So this will be basically a file structure top expert. So, given we have a brief understanding of what we could solve the problem, I'd like to move forward to show you a little word open house workers will be applied. That's going to be more complicated as two days and same to me.

A

Imagine with me that you a token that represents Ankara will show you get the token to my car I'd. Imagine that you have insured part, which is another fulfillment you get when you pay the insurance together the department and here on this interface, there are multiple tokens of highlighted ones. The trust fund is messed up, but it really sure about equity and religion. They don't make them perfect. This is the character. How did it end up later? Well, let's imagine with this new insurance token what you can do with it.

A

Imagine a business or car next door, actually, there's actually a. Similarly, if that allows you to enter car, be rented by strangers and you just get a dollar a day when you come into your pocket automatically when a car is modified, sell for you, that's that's!

A

That idea, and in order to do this service you need to have, is we need a shortcut, so the insurance token would be the enabler of this new shake country style and when you use the insurance token for this new chain economy, we had a rental car list, important which, which is the source of revenue that comes to you from time to time. I represent is that you have salsify.

A

If you want to live to a secure Anatomy, it's not a story we'll just imagine that this is possible to have a static for car got stolen with other students, so the process will look at this first. This is serious business. What time you say do actually only insurance now the work that was to learn something and the Conclave has to paly say that okay, actually I can do a witness Commission.

A

This is my policy destination and then once that goes to the back of the website and ask me if you know if this policy as a cover or own virus, which is condition, and it's not conscious and every list. This is one of the infusion where the user behind security Enclave and the website using there's their own own, establish trust between each other. So you know we don't previously in the car kitchen garden the website that we may need to access.

A

The third option is alive about having that kitten is and to this point behind is that visual trust and the website was an information. Okay, send send a transaction to get your car distant and here kiss telescope. This telescope is a new one. This telescope is issued by connects polish, a company company, and it contains the rules how to get a transaction of the sample transaction to get your rental car disdainfully.

A

So what we have now is in the security unplayed, the environment in which evolutionary signatures good, is usually from time next or bottom, and many we acquired didn't know that actually is the total missionary from comfort zone that were in toast is talking spiritual and the sermon that will come magazine. Distance will be genuine and not devote as awkward and the user will get this, which is a transaction losers in the same sense that we're talking I'm going to lose by transaction.

A

We're talking about, would use intersection, characteristics, dependency and what kind of again, which is car rental when a car is Tito and it's green, great color because doesn't exist, yet it's created on the moment accessible transaction. So this is what generated from the security on trade and not by website what has me to say that leads to changes, a transaction and what I'm telling you and hello word here. We had beautiful team here in the security vampire. We have insurance.

A

I totally, this is Hollywood so yeah. What do you say? Security.

B

On a place, that's on a physical device without software I.

A

Should use itself that concept? Okay,.

B

So, where is that software running is.

A

In the users browser.

B

So.

A

They are never this much relevant because we will have a 1 in it even when it isn't money power. Will it to have this thing, but normally you mean a new kind of processor, maybe yeah. So this is the focus.

B

So, arts, you create a browser that competes with brain. It's a new browser. It's got a security Enclave running in software. How do you trust the hardware so.

A

This is a different level. I think we may be great to the security on the play. Actually, events in the rules that he was model is that we validate but I think this is them something we can progress to our good friend. So actually, this is hot. Oven script boost all security on their own web decentralized web 3. So we have more time for question and we got a bunch of questions.

A

The.

B

Other question has not occurred and.

A

The usual has user, no right as.

A

So they're kind of talk of you assumptions being five years so, for example, most contributors, computer movie, a was based on idea that we don't have physical advice and I should personally store it. What if you have version windows that show you everything? So the assumption is the user have capacity to security advice, but even with the suction that, like this and relaxed assumption, own security models do not help. So we need new security. Token script, I still with the same license agreement.

A

Yes, token script open source. Ok, this is some token scooped up always hungry. It's Paschal icing and there's a tech knowledge that is being standardized by if M information and we're in the process sometimes is are submitting each other to. Since then there is this oasis in our nation. We should producers produced open document format in order of office, so.

B

Tell me something anything: I hope, I get guests and vice versa. The second question: what's the current status or like, can we already start using it? Yes,.

A

A director Cory was also discouraged odd, however, so though, the script works in with a concept for a context. So let's say the token mean look differently. It is no.18 what, if it's a better or token, that's the current okay, you look differently. If you are, the poor in many different contexts, result token vendor differently by dream logic.

A

So currently they are anyways haulage company and open source of what has been helpful, but it only worked with one context, which is for wallet context so to make it really hard welcome to a secure Enclave in the browser. This is something looking at promoting progress as a context based concept concept, because we have one major cat, good question.

B

Okay, assume of the public or private key pairs, and you are specific- does it have to be like a JSON blob or can be a Harvard wallet or that kind of interact with the keys, or is it just better mousetrap.

A

Okay, so if you want to kind of find another layer behind open script, let's say every time the transaction is going to be signed, assigning doesn't happen, means in so I kept thoroughly at device. That's something a little different here, different layout yeah, the Thomas put that we take care of this layer could be careful about this layer, alright, so yeah. Thank you very much.