Proposal : A decentralized and public Aave frontend

kwizfreak · July 28, 2021, 11:35am

Hello,

The network/protocol is decentralized but we have to go through an aave.com interface, what happens if the site is down for x or y reason? We can certainly use smart contract but who is able to do it without interface / frontend?

We can use zapper, instadapp, defisaver and others but we depend on their smart contract and protocol too.

Why not set up a public frontend? Which can be different from aave.com (lighter version) but which allows to interact with everything that is possible to do today on aave.com and on smartcontract?
Moreover if the frontend is public and decentralized, it is possible to add the latest features that are available on the protocol more quickly.

Other advantages : We will have the possibility to create mirrors
Risk : Possibility that someone change the addresses of the smart contract in the frontend if they decide to fork it and make a fake.

In any case I want to open the discussion on this eventuality and take the measure.

Moreover an Aave app seems to be in dev, is it public ? decentralized ? where is the border ?

If the protocol is decentralized, the interface must be too, otherwise we are dependent (for a large part of the users) on the goodwill of the person responsible for the publication of the frontend.

Of course all the frontend work is fabulous, but so far we are waiting for the new releases with impatience and we have no choice on the frontend, the date, etc …

Best Regards,
Kwizfreak

For a decentralized Aave frontend soon
No decentralized Aave frontend at least for the moment

0 voters

mr_aave · July 28, 2021, 1:13pm

love the idea, it would be nice to have a decentralized frontend, to see the conditions and the risk that it generates but the idea is top

Jordan · July 28, 2021, 4:16pm

Yes this is totally needed

3.1415r · August 4, 2021, 8:11pm

Great idea, it could also be helpful in case regulators start to mess around like we have seen recently with UNI.

Emilio · August 5, 2021, 2:36pm

I think this is the short to medium term goal - hopefully it will happen soon!

haave · August 22, 2021, 6:10pm

Great point. This is a DeFI-wide concern, perhaps it makes sense for Aave DAO to join the nascent OpenFrontends initiative: https://twitter.com/adamscochran/status/1427447330496819204

Neal · August 23, 2021, 6:53am

Good suggestion by @kwizfreak and also by @haave to join the OpenFrontEnds Initiative.

It seems they are going to begin with Compound so we could always keep an eye on things, see how things pan out and perhaps follow in their footsteps without experiencing some of the teething problems.

ASDPC · August 23, 2021, 11:34am

Before jumping into building a new front-end piece (as the OpenFrontends people seem to be doing for Compound), I’d try to push first for publishing the existing Aave interface under a libre software license (ideally, AGPL).

kwizfreak · August 26, 2021, 2:33pm

GitHub - aave/aave-ui: An open source interface for the decentralized liquidity protocol Aave</tit ! Oh yes :) thanks !!

ASDPC · August 26, 2021, 2:36pm

That’s BIG! Thanks and congrats at the same time for releasing it on the open!

Emilio · August 27, 2021, 7:56am

As @ASDPC and @kwizfreak noted, the Aave frontend is now opensource and there is a public IPFS hosted deployment available.

That’s a major milestone for the whole community!

ASDPC · August 27, 2021, 8:26am

In the announcement on Medium there are a number of good reasons why open sourcing the UI is important:

Facilitating integrations
Possibiliting alternative and enhanced user experiences
Enabling anyone to contribute and improve the UI

However, I think there are a couple of reasons more that can’t be overlooked:

The front-end code of dApps need to be publicly auditable so that anyone can verify the security and integrity of the code. That is, making sure that the front-end is free from privacy-endangering or money-endangering code and that it doesn’t contain some evil logic (e.g. secretly interacting with a different implementation of the the protocol that is not the one that has been audited and published).
Users who want to have a truly end-to-end trustless experience need to have some way to locally run the UI from the source code. Only in that way they know the dApp they are using is exactly the code that is publlished on GitHub. Moreover, that’s also the best way for them to protect their privacy, as the version of the UI that is live on app.aave.com is leaking IP addresses and potentially many other data to a number of web servers, including some third parties:

IMMax · October 20, 2021, 6:24am

Hello, I am a member of 4EVERLAND team, https://www.4everland.org/

Our Platform can help Aave to achieve front-end IPFS-based deployment and hosting and compatible with http access and global acceleration,

We are willing to help Aave to launch an IPFS-based front-end to support the development of ecological decentralized front-end plan;

Our team will actively synchronize with the community on this;

fig · October 20, 2021, 5:03pm

@kwizfreak This would a be a great step in our industry’s push for decentralization.

How do you anticipate in shouldering the cost from hosting the frontend? And the build - would this be from a new dev, and paid for by the treasury?

How do you think of hosting in a decentralized way? Through an IPFS and supported by Filecoin?

ratankaliani · October 20, 2021, 8:40pm

@fig @IMMax I believe the frontend has already been decentralized via IPFS unless the notification received when entering https://app.aave.com from https://aave.com is inaccurate?

sakulstra · October 20, 2021, 10:30pm

Yes it is. Afaik theres also a fork deploying to skynet.

IMMax · October 21, 2021, 3:41am

I’m not sure if Aave’s front end has been officially deployed via IPFS yet, but that’s fine, we can do the same and we’ll publish the CID for verification purposes.

sakulstra · October 21, 2021, 9:58pm

The ci/cd is actually public and verifiable:

Every single (non failing) commit on the aave-ui os repository will yield an ipfs hash:

You can checkout the ci/cd here:

github.com

aave/aave-ui/blob/master/.github/workflows/main.yml#L33

    
      
          - uses: actions/checkout@v2
          
          
- uses: actions/setup-node@v2
            with:
              node-version: '14'
              cache: 'npm'
          
          
- name: install
            run: npm ci
          
          
- name: Build and pinata upload
            id: deploy
            env:
              PINATA_API_KEY: ${{ secrets.PINATA_API_KEY }}
              PINATA_SECRET_KEY: ${{ secrets.PINATA_SECRET_KEY }}
              PIN_ALIAS: "${{ format('pull_request_{0}', github.head_ref) }}"
            run: npm run pinata:ipfs-publish
          
          
- uses: actions/github-script@v5
            with:
              script: |

JeremyKeating · October 22, 2021, 9:17am

Hi @kwizfreak
Is there any concern that this could be used for phising or similar attacks
Users could go to what they think is a front-end for Aave but is really a scam
Or am I missing something?

ASDPC · October 27, 2021, 9:09am

That’s something that a motivated enough attacker can easily do even without access to the source code, so this doesn’t make much of a difference to that sense

Topic		Replies	Views
[Delegation Pitch] Towards the Future of Aave Governance	0	1917	December 18, 2020
Aave build on Cardano - lower fees Governance	6	1944	April 4, 2021
[ARC] Aave V3 network integrations process Governance	15	26489	May 1, 2024
Proposal: Implement cross chain bridging function Governance	11	2580	November 18, 2021
[Proposal] Building a mobile app for Aave Aave Grants DAO	24	7906	November 19, 2024

Proposal : A decentralized and public Aave frontend

Related topics