Secure plugin marketplace to extend the Safe account functionalities using plugin attestations
Smart accounts and modular smart accounts are the future of wallets to make the Web3 onboarding easy at the same time exciting by adding functionalities to the account. But this comes with a need for a standard (such as EIP 6900), easy yet secure way to explore and install the wallet plugins. Safe Station is an effort to build this secure plugin marketplace where users can add features to their Safe accounts only after verifying the authenticity through the plugin registry. We provide a mechanism where an external auditor can audit the plugin and attest the plugin with details such as risk score. Safe Accounts can then install the plugins if it passes the risk threshold or has been audited and attested by the required auditors.
SafeStation plugin marketplace is built on top of the technology and infra provided by Safe and EAS. SafeStation extends the registry and plugin manager (https://github.com/5afe/safe-core-protocol) and adds an extra layer of attestation verification provided by EAS (https://attest.sh). SafeStation marketplace lists all the plugins in the registry with details of attestations fetched from EAS. Any Attestor and audit the attest the plugin. SafeStation is also a Safe App, it can be run on a Safe Wallet and plugins can be installed if the required attestation conditions are met.