Defi has a dirty secret. While the smart contracts themselves are fully decentralized, developer teams still have substantial control over the user through their control of the frontend. We’re excited to be announcing Homescreen, a new application on Skynet that allows users to fully decentralize their web3 frontends.
If you are unfamiliar, the frontend of a smart contract is the webapp or UI that you use to interact with the contract. The contract itself is a piece of invisible code on the blockchain, and the frontend is the website that typically appears at a URL like app.aave.com. Defi apps are usually accessed using DNS or ENS, but in both bases the dev team has control over what code the user receives, and could change that code at any time.
This is problematic because it gives the dev team the ability to alter the user’s experience in a negative way. We’ve seen examples of this in the wild, like when Uniswap delisted a large number of assets, presumably for regulatory reasons. Those assets still exist on the blockchain, but the frontend refuses to show them. If the app was truly decentralized, the Uniswap team would not have the ability to block the user from viewing those assets in the frontend.
The dev team also has the power to do more malicious things. If you control the frontend, you also control which smart contract the user is talking to on the blockchain. The dev team could change the frontend to execute a clandestine hardfork of the contract, putting users on malicious unaudited code, even though the original smart contract was both audited and secure.
For a user to have a truly decentralized experience, they need to control their own frontend. This is important because it protects users against malicious or compromised developers, and because it allows developers to deliver on their goal of a fully decentralized user experience. In some jurisdictions, a decentralized frontend may also reduce regulatory exposure for developers (though check with your lawyers, this is not legal advice!).
We’ve built Homescreen as a platform that allows projects to fully decentralize their frontends. Most existing frontends work out-of-the-box with Homescreen, you do not need to write special code or get special support from our team.
The magic of Homescreen is that it allows you to install web applications in the same way that you would install a desktop application onto your computer. When a user adds an application to Homescreen, Homescreen actually goes and downloads all of the code and assets and stores them in the user’s decentralized storage. When the user opens that application later, the entire application loads from the user’s storage. The dev team is no longer a middleman that can inject malicious code. This enables users to have an end-to-end decentralized experience.
Homescreen leverages decentralized login and decentralized storage to ensure that users have a consistent experience as they switch between devices. This is all made possible via Skynet. Importantly, Skynet is just as fast as the centralized web. Users do not need to put up with slow, laggy, low-uptime frontends in order to have a fully decentralized experience.
One of the major features of Homescreen is the ability to update applications. Homescreen can scan your applications to see if developers have pushed any updates. The user can choose to update their app at any time. Importantly, all prior versions are kept in your decentralized storage. If you update an app and realize you preferred the original, you have the full ability to downgrade to a previous version. You also have the ability to use a forked version of the app with customization from yourself or other developers, in some ways similar to modding video games on the PC.
The main reason that we built Homescreen was to protect users and extend the depth of decentralization in the ecosystem. But there are also political reasons to be increasing our focus on end-to-end decentralization. Regulators have increasingly been throwing around the term “DINO”, or “Decentralized In Name Only”, and have also been increasingly talking about putting legal pressure on developers to add controls and restrictions to their applications.
To the extent that developers are able to comply with requests from regulators, the entire blockchain space loses legal credibility. Right now, a request sent to a company like 1inch demanding that they deslist assets from the frontend is something that the Uniswap team can reasonably comply with. Whether or not you agree with securities law, you can agree that this lends credibility to the idea that DeFi is not decentralized.
Adding Apps to Homescreen
There are two ways to add apps to Homescreen. The first is to use the lookup bar, where you can find an app by its ENS name, HNS name, or by its cryptographic Skynet link. The app-finder even supports finding and installing apps using their IPFS hash!
The other way you can add apps to Homescreen is with an install button that can be placed on centralized webpages or things like github repos. When the user clicks the ‘Install to Homescreen’ button, Homescreen will open with a prompt asking the user if they want to install a new application.
If you are a developer and would like to make your app front-end available as an app on Homescreen, you can check out the developer documentation. For most apps, adding Homescreen support takes less than an hour, and gives your users a much more decentralized way to interact with your applications.
When building Homescreen, we had 3 major choices for architecture:
- Keep all things in-browser
- Use centralized infrastructure to create a cloud
- Use Skynet
The most secure option by far is the first option. But the first option comes with a major drawback: users would have to re-install all of their apps every time that they switch to a new device, and they would have to re-install all apps if they ever go into their browser and clear cookies + local storage. The future is better than that, so it’s not really viable.
The centralized infrastructure option is actually fairly reasonable. You can protect the user against malicious code by encrypting and authenticating all of the data before sending it to the centralized cloud. You can’t however protect the user against being de-platformed, and you can’t stop the centralized cloud from changing their terms-of-service. If a regulatory entity wanted to get involved, this option is likely to fail users.
Which leaves decentralized storage as the final choice. And while there are multiple potential options for decentralized storage, only one really has the performance characteristics that allow it to deliver a consistent user experience.
IPFS is often the go-to for our industry, but IPFS really struggles with the type of data that Homescreen needs. Retrieval times of files on IPFS is generally 30–60 seconds. It often appears to go faster, but that’s only because ipfs.io and CloudFlare have advanced caching solutions that keep popular data available at acceptable latencies. If you’ve ever tried to access unpopular or rare files on IPFS, you’ll know what I’m talking about.
Homescreen also needs to use dynamic data, which on the IPFS stack means using IPNS. IPNS struggles even more than IPFS does, as it generally doesn’t even get to benefit from a caching layer. We’ve seen updates over IPNS take as many as several hours to propagate across the network. If you’ve ever used an identity solution like Ceramic, you’ll know what I’m talking about.
If we want users to actually prefer decentralized solutions, those decentralized solutions need to be just as fast as the centralized ones. We’ve now spent almost 7 years optimizing the network behind Skynet to ensure that it runs at speeds comparable to Amazon. With no caching in place, Skynet can deliver a 20 MiB frontend to users in less than 1/4 of a second. For dynamic data, reads happen in under 100ms and writes can fully propagate the network in less than 3 seconds.
The other big advantage to Skynet is the growing ecosystem of infrastructure. Most of the ecosystem uses the decentralized identity protocol MySky, which is a single identity that works across all applications. If you’ve created a MySky account for another Skynet app like Rift or Hackerpaste, that same account can be safely used for Homescreen, and login will even happen automatically.
If you need to see it for yourself to believe it, check out https://homescreen.hns.siasky.net/, where you’ll be able to create a MySky account if you don’t have one already, and then login and view a set of default apps, interact with them, and install your own.