Our primary focus is to create a permissionless, transparent, and safe ecosystem where users can easily interact with their favorite Dapps. SCI (Secure Contract Interaction) is a Public Good organization founded at the EthGlobal Istanbul Hackathon. It was created to reduce web3 risks and vulnerabilities. We work on three main pillars:
We've engineered an on-chain contract-to-domain verification system, empowering domain owners to curate a list of approved contracts capable of interacting with their domains. Leveraging Ethereum Name Service (ENS), we validate domain ownership. The flexibility of our system allows for the seamless integration of additional verification methods in the future.
Enabling users to develop tools around this system, we've constructed a dedicated subgraph, facilitating easy data queries. Proactive measures were set in place to swiftly respond to potential threats, exemplified by our snap plugin, which promptly notifies users if a contract they are engaging with is unauthorized—an invaluable defense mechanism in the wake of incidents like the Balancer frontend attack.
Acknowledging the inherent risk of relying solely on website owners, we've implemented Ethereum Attestation Service (EAS). This feature empowers users to attest to the security of a page, mitigating the risk of malicious activities, even if initiated by the domain owner.
To provide a centralized hub for users, we've developed a user-friendly web page. This interface not only allows users to explore domains and add contracts but also provides a platform for attestation and notifications. We leverage Next.js in conjunction with wagmi, ethers, and rainbow kit to develop the webapp faster.
We've created a demonstration app on the Cowswap widget. This showcases the versatility of our product and its potential applications, positioning it as a valuable asset for users in various scenarios.
In addition to all that we added Web3Inbox to alert users if an attestation has been done or if a contract has been added to a domain