As a user of platform I care and use almost on daily basis I would like to feel that its security is reviewed on regular basis. While not in doubt that we are having some amazing development team formed around Leo Finance which is constantly stepping up the game in various areas, sometimes we need to step up as users and help drive some changes for our own and future users benefits.
One of the areas which I would personally like to see looked into, coming out of the 2020 November DNS hijacking of popular crypto domains and followed by the most recent Pancake Swap and Cream Finance DNS takeovers is the DNS registrar of leofinance.io and cubdefi.com which according to lookup.icann.org/lookup appears to be the infamous GoDaddy
The reason I would like to see Leo Finance look into this matter is because of the recent multiple reported mishandlings of GoDaddy when it comes to social engineering attack vectors on its employees which reportedly lead to domains being transferred over to malicious actors.
I would ideally like to see this being taken as an opportunity to step up the security and perhaps take the platform into more resilient, accessible and decentralized setup to protect as many users as possible when an issue arises.
Not to suggest any directions as I am not an expert by any means, however would like to think the solution Uniswap has set up may be one to look up to, with their setup heavily driven by IPFS (InterPlanetary File System) with its primary gateway being available through Cloudflare and a few standby IPFS gateways being available
One of the problems highlighted by the recent Pancake Swap DNS hijacking is that even if the affected project's team is quick to react which in the above case took around 2 hours to regain the access to DNS and point it back to their own servers, the damage lasts for much longer due to various aspects like DNS propagation. With that, many users were facing the taken over version of the domain for much longer than just several hours and some projects have taken decisions to postpone their listing because they've deemed that their users would be still at risk.
Source: https://twitter.com/B21Official/status/1371836082778693639
Related Reading
Accumulate Crypto daily
Sharing network resources: Theta Edge Node (Windows/Mac), Honeygain (Windows/Mac/Android/Linux)
Blogging: read.cash, publish0x, leofinance.io
Microblogging: noise.cash
Others: lbry.tv/odysee.com by watching video & media content and presearch for a non intrusive search engine
Originally posted on read.cash
Posted Using LeoFinance Beta
The way I see it for now is sites can have a .crypto domain and a back up with IPFS and allow users to pick which front end solution they want to use
Congratulations @ir-crp! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :
Your next target is to reach 800 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOP