At Daoism Systems, we build infrastructures for internet-native organizations towards an open, permissionless future. In light of the recent events, building greater resilience across the space has become more urgent than ever before.
Utility Work Ahead
Safe is among the core infrastructural elements in the DAO and DeFi community, and from our working experience, we believe it will become a key primitive in the future. However, from an architectural standpoint, it currently relies on a centralized backend to collect and bundle signatures, rendering them open to attack vectors.
Given that it stores all proposal information, signatures, and safe configurations, there is a risk of this data being compromised. Moreover an attack can disable server performance and paralyze the entire Safe ecosystem.
Another avenue of concern is information asymmetry for future transactions. By remaining closed-source, prior knowledge on transactions yet to be executed allows those who are in control of the server to front-run on certain trades to extract value from them beforehand, (e.g. if a big swap on a DEX from a certain Safe is coming it would be possible to make a big trade to affect the token price and sell it later to earn extra.)
To address these issues, we have started an open research and development initiative towards a decentralized alternative for the existing Safe API.
Decentralized Safe Registry
Our proposed solution is to build a Decentralized Safe Registry utilizing Ceramic Protocol and ComposeDB. This set-up will enable an alternative way to interact with Safe smart contracts without being reliant on centralized backend architecture that pose the aforementioned risks. ComposeDB can be used to establish a decentralized, permissionless and open infrastructure that allows anyone to access and use Safe’s shared data.
ComposeDB is a decentralized, composable graph database built on Ceramic protocol, a permissionless data-streaming network. Node operators choose which data models to host, then automatically sync data between each other to decentralized extendable storage for web3 applications. Applications connect to Ceramic’s decentralized data network via an open API to store, modify, and retrieve data.
The data models used in ComposeDB are analogous to those in NoSQL or MySQL databases. Leveraging the Ceramic protocol allows for any party interested in certain Safe information to maintain a full informal replica of the data, creating a more decentralized open architecture.
We have identified specific models of Safe to be used inside of ComposeDB:
Safe - this model is required to store Safe information and data, created simultaneously with the Safe itself, and contains owner information, Safe address, active transactions, etc.
Transaction - a full description of the transaction, essentially a representation of the Safe’s proposal.
Confirmation - an approval (EIP-712 signature) of a specific transaction awaiting execution in the Safe.
By using GraphQL, it becomes possible to list all signatures for a specific transaction, or a transaction for a specific signature which allows for ComposeDB to build a “decentralized API” for Safe.
Architectural approach
“Abandon All Centralisation Ye Who Enter Here.”
Codex of Web3
The idea behind the Decentralized Safe Registry is to give the opportunity to use the Safe Protocol bypassing the centralized server. ComposeDB can be used to enable a decentralized and permissionless alternative to create an open infrastructure that allows anyone to access and use Safe’s shared data.
Here’s a simplified diagram of the current Safe architecture:
Our solution avoids the central point vulnerability by moving all interactions with the Safe backend to the user’s frontend instead. Because the data is stored on a set of permissionless open nodes, and it is visible to everyone, it eliminates all blackboxes in the system.
Proposal data, user information, or similar forms of data will be collected on the frontend and directly connected to the distributed database. It becomes impossible to edit the data of another user in the ComposeDB, which means that after the Safe is created, no one can change information about it except for the Safe owners themselves. The same could be said about the proposals and approvals.
This change simplifies the overall architecture and reduces the cost of maintenance and development. The only requirement is to run a ComposeDB node (ideally multiple nodes, to decentralize it further) that will store and take care of all the data. SafeDAO could potentially come up with an incentives structure to maintain proposed Decentralized Safe Registry.
Daoism Systems is an on-chain development firm specialized in custom solutions for DAOs and DeFi protocols. Founded in 2022, our client portfolio includes DoinGud, Balancer, and PrimeDAO alongside our incubated project, NinDAO.