MetaMask and Laconic Launch MobyMask Light Client

MobyMask, a new initiative from the MetaMask team to help proactively protect users from phishing, uses a dynamic web of trust for sourcing phishing reporters

Today crypto-phishing is out of control; it has become the domain of extremely professional organizations targeting many innocent people who are trying to participate in new forms of digital ownership with crypto.

You may have previously read about MobyMask, a new initiative from the MetaMask team to help proactively protect users from phishing, using a dynamic web of trust for sourcing phishing reporters.

That original version of MobyMask made it possible for any reporter to invite (or revoke invitations) for additional reporters, as well as submit (or clear) phishing reports. That first version had three major shortcomings:

Because every report is on the blockchain, in order to benefit from the safety benefits of the list, each user needs access to a full node, and must trust that full node with whatever they want to be kept safe from: twitter users, websites, anything. This was not great for privacy.

Because every report is on the blockchain, it costs some crypto to file every phishing report, which is not ideal. The phishers are clearly phishing cheaply, and so reporting them must also be cheap.

Because every report is on the blockchain, the average wallet is not keeping a local copy of the phishing list, and is unable to participate in helping keep their network peers safer.

In that article, I mentioned how I hoped those problems could be addressed by some kind of truly peer-to-peer light client network that enabled users to help directly share select portions of the blockchain that are relevant to them (in this case, the phishing list). I mentioned Laconic at that time, which was still operating in stealth mode, so most people didn’t know how it might relate.

Today I’m excited to announce that Laconic is coming out of stealth mode, and they chose MobyMask as a first demonstration of the power of their system.

Laconic is premiering today and launching a special MobyMask-caching Ethereum light client, which greatly reduces the cost for an individual or organization to host a trustworthy copy of the MobyMask anti-phishing registry. This creates a lightweight server process from which web services like MetaMask, WalletGuard, and Phishfort can start drawing their MobyMask phishing detection data, in a way that is easier for anyone to self-host.

Laconic is also working on a TypeScript version of their Watcher, which makes it possible for the list caching and peer-to-peer replication of that data to happen entirely from the browser.

In another future update, Laconic will also make it possible for users to gossip “counterfactual” phishing reports, which will allow phishing reports to have no cost to the reporter. These messages will be shared between peers, but will be fully provable on-chain, and the blockchain will only be needed for resolving conflicts in the registry and revoking access to reporters.

People running the MobyMask watcher client will both contribute to a more phisher resistant web, and gain access to a private API for looking up phishing reports, which they can then share as they like, either at no cost or for a fee.

While the initial version is a web of trust rooted within the MetaMask team (and reporters are invite-only, so there is currently no way for just anyone to start reporting), we aim to eventually allow users to subscribe to any number of roots of trust for reporting phishers, eventually allowing every user to be their own root of trust for sharing or sourcing phishing information, and eventually a similar system can work for verifying credible sources of other kinds of information, too (yes, that’s a big goal!).

In its final phase, we hope that any user who wants to will be able to run a “watcher” as part of their own wallet, and so the server costs will become effectively none, while the benefits are fully mutually beneficial among those participating.

In Historical Context

At MetaMask, this is a very special day for us. At our first ever team retreat, a number of our team members (including Aaron Davis, Herman Junge, and Dmitry Ryajov) had a vision and kicked off a very similar project we called Mustekala. That work eventually stopped for various reasons, but we’ve long known that letting users cache state for the contracts they care about is a missing ingredient in allowing smart contracts to more fully decentralize.

In my office, I still have the original notepad sheet that the Mustekala team filled out when first forming the concept. It was a wonderful time, a great idea, and has remained out of reach until now.

At Laconic, Rick Dudley and his team have spent the last six years doing the hard work of building a special fork of Go-Ethereum (geth) that serves the Ethereum data in the IPLD format, which makes it cheap and efficient for clients to request proofs of blocks of storage, so they can peer gossip it, as well as the client side code that enables clients to gossip incomplete “slices” of the blockchain state, and exposes that state via a GraphQL API. It’s hard to overstate what an achievement this is for bringing down the computational cost of privacy, scalable data distribution, and also speed of data lookups for users who repeatedly use the same contracts but don’t necessarily run their own full node.

Get Started Today

If you want to try out MobyMask, you can head to mobymask.com. If you’d like to try out self-hosting an IPLD-gossiping fork of geth, you can get started using this guide from Laconic here. If you’d like to build a browser-based application that draws from the Laconic MobyMask network, you can monitor progress on the mobymask-watcher here.

If you’re a developer who’d like to try setting up Laconic to help gossip and distribute access to another smart contract, you can follow the Laconic docs here.

If we’re going to build anything of value out of decentralized technology, we need to basically eliminate phishing from the equation. It’s going to take a lot of our creativity and ingenuity to put it all together, and we’re happy that Laconic and the Delegatable framework combine so well to create a highly scalable and privacy-preserving application whose safety remains rooted on the blockchain.

Recently Searched

Hot Coins

Trending

Daily Must-Read

Welcome Back

Join CoinTime

Sign in with email

Sign up with email

Check your inbox

All Comments

Recommended for you

British neobank Monzo raises $190 million, led by Hedosophia and CapitalG

Hong Kong Securities and Futures Commission: The public should beware of Quantum AI’s suspected fraudulent activities related to virtual assets

A whale deposited 757.7 BTC to Coinbase 3 hours ago, worth about 47.6 million US dollars

US SEC submits final response in Ripple case relief phase

Messari releases Fantom Q1 report: Market value increased by 101% month-on-month, DeFi TVL increased by 59% month-on-month

Ethereum liquidity re-staking protocol TVL exceeds $9.7 billion, of which Eigenpie TVL exceeds $760 million

Grayscale GBTC has a cumulative net outflow of US$17.4865 billion, and ARKB has a cumulative net inflow of US$2.2447 billion

Brazil considers purchases of cryptocurrencies from foreign crypto exchanges as imports, with crypto purchases reaching $14.84 billion in the past 12 months

Ethereum NFT daily trading volume on OpenSea fell to a two-year low, down more than 99% from its peak

ETH falls below $3,000

Daily Must-Read

What are tokenized commodities?

Bitcoin opens $63K futures gap as thin liquidity threatens BTC price

More than half of the Fortune 100 uses Apple’s Vision Pro headset

US Court to hear proposed remedies from Terraform Labs, Do Kwon in May

Bitcoin’s ‘euphoria phase’ cools, but a BTC bottom could be near — Glassnode

BlackRock's BUIDL becomes the world’s largest tokenized treasury fund

Popular Activities

Delysium $AGI & AI Private Yacht Party

Popular Tags

Share