Open friedger opened 5 years ago
hey @friedger thanks for the suggestion, appreciate the idea here. Seems like something founders should increasingly do to get feedback, but not seeing it as solving the trust or security of an app in a simple way. Operationally and for app mining, don't think we want to be responsible for this at the moment.
What is the problem you are seeing? Please describe. For users, in some apps it is unclear how to contact app publishers.
How is this problem misaligned with goals of app mining? This does not accelerate the adoption because there is little to build trust in the app. Adding a contact section adds to the trust in an app.
Blockstack apps deal with data that are expected be treated in a secure way. In case of questions or security problems users and researchers should have an easy way to contact the app miners.
What is the explicit recommendation you’re looking to propose? App publishers need to provide a contact section in the app stating
App publishers are encouraged to state
Install a whistleblower system to flag apps that do no provide this information or that provide wrong information (e.g. email that bounces, twitter account that is not maintained, phone number that is not answered)
Provide documentation that show examples of acceptable design of a contact section and not acceptable design of a contact section.
Describe your long term considerations in proposing this change. Please include the ways you can predict this recommendation could go wrong and possible ways mitigate. This recommendation could prevent app publishers to create apps because they want to stay anonymous. To encourage these app publishers clearly state in the documentation ways to find partners in the ecosystem that offer to be the consumer facing party. The current way would be the slack channel #dapp-help-wanted.
Additional context
This proposal is similar to the requirement
See