πŸ›οΈDApp Store by privacy

DApp Store in Webkey has the following components:

  • DApp Store App

  • Metadata Server

  • Storage Server

  • Build Server

  • Signing Server

  • Verifying Server

  • Publishing Portal

  • Payment Server

DApp Store App

DApp Store is an android DApp market, preassembling in WebKey phone.

Metadata Server

Metadata Server is for storing, maintaining and serving the DApp metadata.

DApp Information used by DApp Store App to compile the public index comes from several sources:

  • APK, media, etc files

  • per-package β€œmetadata” files

  • localizable texts and graphics in the metadata

  • localizable texts and graphics embedded in an app’s source code

These metadata files are simple, easy to edit text files, always named as the β€œpackage name” with file type appended. There are a wide range of available fields for adding information to describe packages and/or apps. For all of the fields like AuthorName that apply to all releases of a package/app, the fields use CamelCase starting with an upper case letter. All other fields use camelCase starting with a lower case letter, including per-build fields, localized fields, etc.

Storage Server

Storage Server is a decentralized storage service for APK files.

Signing Server

The Android APK signing model sets the expectation that the signing key will be the same for the entire lifetime of the app. On top of that, it is difficult to migrate an app to a new key. Since the signing key is an essential part to preventing APKs from impersonating another, Android signing keys must be kept safe for the entire life of the app.

This means the security burden is shifted from the online, public webserver to a private signing machine. Just keeping that machine out of the public eye goes a long way towards improving security.

Signing Server is secured by the following mechanism:

  • HSM

  • Multi-Signature

Verifying Server

Verifying Server is responsible for veriying the validation of android DApps by anti-malicious and AI.

Publishing Portal

Publishing Portal is for developers to release android DApps. The audit process involves the community DAO.

Payment Server

Payment Server is a cryptocurrency payment service for DApps.

PreviousDecentralized ServiceNextSecurity

Last updated