Embracing Decentralised Web Hosting: A New Approach to Securing Web3 and DeFi Applications

Embracing Decentralised Web Hosting: A New Approach to Securing Web3 and DeFi Applications

Save billions not yours but your users

Play this article

Introduction to Decentralized Finance (DeFi)

Decentralized finance (DeFi) stands at the forefront of financial innovation, promoting the concept of "unbanking." This shift questions the traditional banking system where the custody of hard-earned money often carries a high risk, particularly during bank runs - incidents recorded globally across developing and developed economies alike.

The Role of DeFi in Transforming Traditional Banking

DeFi's primary aim is to transfer existing banking-related services to public blockchains. This transition empowers end users to not rely on banks for financial services but to access different services independently in a trustless environment.

AAVE: A Flagbearer of DeFi Apps in Web3

Take the example of AAVE, a popular DeFi app within the Web3 ecosystem. AAVE enables users to deposit various digital assets on their platform and borrow stable assets based on their requirements. In leverage scenarios, an on-chain function determines whether the provided assets must be diluted. Once the function verifies the value, it executes the appropriate outcome.

New Paradigm in the Financial Model

This mechanism creates a new paradigm in the financial model, shifting decision-making power from individuals to blockchain-based functions. Human-written and validated functions take complete control, eliminating the need for banks to manage your money. Trust is now placed in the code. But this trust also has seen bugs and exploits.

The Risks Associated with DeFi Apps

Despite its potential, DeFi apps carry risks, primarily centered around human error and control. The composable nature of Web3 makes it easy to create replicas of DeFi apps. Often, users access these apps through a centralized or readable domain, inadvertently exposing their wallet address to potential malicious activity.

Traditional Banking vs DeFi: A Risk Perspective

These risks are relatively minimal within the banking ecosystem, given the stringent licensing requirements and the implementation of strict server-side validation policies. Additionally, banks make their domains easier to remember, reducing the risk of fraudulent activity.

Best Practices for Risk Mitigation in DeFi

Launching the Web3 User Interface (UI) on an immutable data storage platform like IPFS (InterPlanetary File System) is highly recommended to safeguard user interests and mitigate such risks. This practice ensures that the web application, once launched, remains unchanged.

The Catch: Human-readable URLs and CDN Layer Manipulation

However, there's a catch. Often, we use human-readable URLs to launch business applications. In such scenarios, ensuring that the web application served via the domain remains free from manipulation at the Content Delivery Network (CDN) layer becomes challenging.

Safeguarding Decentralised Infrastructure: Role of Spheron and SecureOn

Services like Spheron and tools like SecureOn come to the rescue in these cases. Spheron ensures that users can see the IPFS hash passed into the header directly from the gateway along with the content. SecureOn emphasizes a trustless system by verifying the content that's getting served over the domain on the client side.

By understanding the fundamentals of DeFi and leveraging decentralised infrastructure to address inherent risks, we can facilitate a safer, more secure, and trustless financial future.