Hi everyone,
an idea has been growing in my head for some times and I finally took the time to put it into words. I’d like to know what you think from a technical point of view but also more generally about the merit of the concept.
Here it is:
What?
Safe layers are application that runs within the Safe browser. They are almost exactly like a normal Safe web app: they are written in html/javascript/css, they have access to the SAFE API, they cannot modify the browser anymore then normal Safe web app can. But there is three key differences with normal Safe web apps.
First, you don’t access them through an URL inside the main window of the browser. Instead they are installed locally from an immutable data. The immutable data also contains a link to a structured data owned by the developer of the layer. When he makes an update, the version of the layer is updated and the user is now free to update or not to the latest version. This means the update process is more formal then for normal web pages and offer an extra level of security that could be used to add trusted certification at some point.
Second, they aren’t displayed inside the main window but instead, over it. They are a layer over the content of the main window, like a popup(a useful one…). Their size and position can be set by the user. They can be docked on the side or they can be shown full screen and multiple layers can be used at the same time.
Third, more importantly, they are aware of the current URL of the main window. They cannot change the content of the main window, but they react based on which url the user is viewing. For example, a discussion layer would change its topic automatically to show the topic related to the current page. A store layer would change its products listing based on what the page is selling. A “tip” layer would change the tip recipient to send the tip to the owner of the page. These are just a few examples but the possibilities are endless.
So the owner of the web page has no control over what is happening inside the layers of the user but can decide to officially support it by providing the necessary information to the browser.
For example, the owner can give a link for the discussion layer so it knows where to find the official appendable data that contains the official discussion. This discussion would be controller and moderated by the owner and the discussion layer would label it as being official. That said, the discussion layer might not stop other conversations to take place in other channels though.
The owner can provide a wallet id that is then used by the tip layer to forward all tips to his wallet. Or even a list of products that would be used by a store layer.
The goal is to enhance web contents with highly customizable and reusable community driven features.
Why?
A new security paradigm
The Safe network works differently than the normal web and requires a different approach on how security is handled.
On Safe, everything needs to go through the Safe Launcher. If a user wishes to comment on a blog post, he needs to first authorize the web page to post the comment on his behalf. If the user comments on multiple forums, each of them will be asking for authorization. This proliferation of authorization request leads to what is now called “Auth fatigue” where the user doesn’t pay attention to these requests anymore because he’s accepting them too frequently.
The concept of layers spin the situation around. You authorize the layer, an application that you trust, once, and you can then proceed to interact with any content of the network without having to give your trust to the owner of the content in question.
In other words, as you navigate through Safe, the content of the web page changes, but the layers you use stay the same. It’s just the context inside which they operate that changes.
Automatic enhancement of all Safe content
By adopting and promoting the use of layers, it means that any web pages found on Safe is automatically enhanced with all the features provided by all available layers the community created.
There’s no need to create your own implementation of a discussion forum and ask your users to trust you with their API access. You can simply point them to a layer that does it instead. You don’t need yet another store implementation, you only need to provide a json with a list of your products in it for example. Receiving tips from your users is only a matter of giving your wallet id to the tip layer.
Layers fully embrace the concept of reusability. Developers don’t need to reinvent the wheel for every project. And every new website is automatically enhanced with all features of all layers.
Of course special cases exist and some websites need to do something very specific and requires a direct API access. This is still supported and layers will also enhance these websites. One key difference is that these websites won’t need to request a wide range of permissions since most of the common features are already handled by the layers, they can only ask for the specific API access they need to do their specialized task.
Mixing clearnet and other networks with Safe
Allowing a website from the clearnet to access features of the Safe network is a sensitive subject and with good reason, it is the user’s privacy and anonymity that is at stakes. On the other hand leveraging the immense content of the clearnet makes the Safe network useful from day one and help solve the chicken and egg problem.
With layers it is now possible to do it without risk of compromising the safety and the anonymity of the user. Websites never interact with layers directly. They only provide, through the Safe browser, information for the layers to use. But they cannot know if a layer is using the information or not. Even better, they don’t interact with the Safe browser directly either, they just provide the information in a known place and the Safe browser is the one responsible to look at the data.
For extra precaution, the Safe browser would reject all API call made from a website that is not stored on Safe. If you want to enjoy the full power of Safe, your website needs to be stored on it.
Safe layers can be seen as an omnipresent overlay that transcend all type of protocols accessible through the Safe browser like safe://, http://, ipfs://, etc.
One global community
With layers, discussion isn’t spread in isolated island anymore. News can be spoken about directly at the source. Information can be debated about and fact checked directly where it is propagated making the conversation available to anyone stumbling upon it.
People you interact with in one location could be found in another one. As you travel around the network your web of trust travels with you allowing you to meet familiar people with common interest and making relationship stronger. It’s the opposite of what we are used to.
Community hub around a subject will still exist but will always be over shadowed by the layer system allowing anyone to add their opinion on any matter. Self-curation through your web of trust will assure you that you stay clear of unwanted content.
Layers over layers over layers…
Why stop at one layer though. We could have multiple level of layers. For example, a “rating” layer is a good candidate to be used within other layers. Rating can be applied to shop items, discussion topics, art work, etc.
What’s next?
Without a doubt this is a big endeavor. This is not a feature that can be completed on a weekend. What is presented here is a long term vision and the goal of this post is the see if the community feels like it would be interesting to investigate further.
A proof of concept could be made with the first layer being a discussion one. Most of the features are already in place inside the Safe browser for a basic POC to be created. What’s missing is:
- A button in the navigation bar that pops up a new layer window which automatically loads a web page from URL. (local install through an immutable data would come later)
- A layer window that stays over the main window.
- A event the layer window can listen to be notified when the url of the main window changes or when a tab changes.
- Access to the SAFE API.
So that’s it. What do you guys think, worth exploring further or not?