Would you want every website seeing your finances? Probably not. But so far, that’s what has been happening on web3. Current Dapp browsers, such as
First up, the company is implementing Ethereum Improvement Proposal 1102–a series of improvements to Dapp browser security–that will help to protect its users. EIP 1102 was originally proposed by MetaMask itself.
Now, the proposal will require websites to request the user’s public address. This will cause a pop-up box to appear which the user can agree to, or deny. If a malicious website does try to request access, the user will be able to stop them before it’s too late. While public addresses are still visible on block explorers, this fix will help obscure the connection between them and their wallets when it goes live on November 5.
“We think this is the best balance between developer experience, on-boarding user experience and privacy protection for new users,” says Bobby Dresser, project manager at MetaMask, on stage at Devcon 4 in Prague.
MetaMask moves into mobile
While MetaMask has solved one privacy concern, the announcement of a new mobile wallet could be opening up another. The wallet connects to your desktop wallet by scanning a QR code, which takes just a few seconds. This earned applause but it raises a few questions–surely this means transmitting the private key over the internet? Yes, and no, according to Bouchon.
“It uses a highly secure web socket connection between the extension and the phone which is only valid for about 30 seconds. It’s encrypted, the time-socket is encrypted and the web socket connection itself is encrypted.”
MetaMask also building a new browser called Mustekala–which is Finnish for Octopus. The browser is designed to reduce the dependency that MetaMask has on a centralized service called Infura. Since MetaMask users don’t run their own node, it has to use Infura to interact with the Ethereum blockchain. The new
Last, but not least, it’s expanding to other blockchains that are compatible with Ethereum. Currently, that’s basically Ethereum Classic, but in