Integrity check of the cryptography code provided by IDM Clients

[satazor]

Description

A valid concern was raised about cryptography being done by IDM Clients, which will be available in the form of SDKs for different languages. There should be a recommendation regarding integrity checks, such as checksums or similar mechanisms, to ensure that the IDM Client that DApp developers include were not tampered.

For the IDM Client for the Web, we may use https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity.

Acceptance Criteria

• [ ] Create one or two paragraphs with recommendations about this topic in the IDM Concept paper

[daviddahl]

For the IDM Client for the Web...

I'm not sure it will be a good idea to release a true web client. There are few crypto experts that would rely on a server-delivered web page with JS that does crypto, even with subresource integrity employed.

I would start with an electron app and perhaps the next step would be an (DNSLink) IP(N)FS-hosted client - but would still want to get a consensus from experts on what is the optimal solution that enables a modicum of security.

[satazor]

@daviddahl There are some valid concerns in being a pure web client & wallet, even if we have a strong key management. One example is extensions, which basically have 100% access to what's happening in the tab.

Still, we really want users to engage with DApps without requiring to install stuff beforehand. This will increase adopting and decrease friction, at least initially. Then, we can definitively recommend users to install the wallet as an app, mentioning security as one important reason. This is what blockstack is currently doing.

and perhaps the next step would be an (DNSLink) IP(N)FS-hosted client

We will definitively use DNSLink and host things in IPFS.