safe-react-apps icon indicating copy to clipboard operation
safe-react-apps copied to clipboard

Published 20 hours ago verified publisher icon safe-global

[Safe Apps] Security Profile

Open lukasschor opened this issue 4 years ago • 0 comments

As we will have multiple ways how to integrate a Safe App into the Safe Multisig, we should communicate potential risks associated with the ways to the user.

Similar to this feature in Zoom:

Screenshot 2020-06-25 at 12.44.10.png

Or the encryption tooltip in browsers:

image.png

Show a shield icon next to the "i" icon (see gnosis/safe-react-apps#321). The shield can be one of three colors:

Yellow:

  • For default Safe Apps hosted on IPFS

Orange:

  • For default Safe Apps NOT hosted on IPFS
  • For manually integrated Safe Apps hosted on IPFS

Red:

  • For manually integrated Safe Apps NOT hosted on IPFS

On hover over the shield icon it should display a tooltip with the information (depending on what actually is the case for the specific Safe App):

1) Audited?

No Safe App is audited so far, so all of them should show:

"Attention icon" No audit report available

2) Hosted on IPFS?

For IPFS-hosted:

"Checkmark icon" Hosted on IPFS

For web-hosted:

"Attention icon" Web-hosted

3) Known developer?

For default app:

"Checkmark icon" Known developer

For manually integrated app:

"Attention icon" Unknown developer

lukasschor avatar May 22 '20 08:05 lukasschor