Security recommendations for Chromia dapps

Protection against malicious dapps

Delayed configuration updates

Implement delayed configuration updates to provide users with advance notice of changes and prevent sudden malicious modifications:

blockchains:
  <my_blockchain_name>:
    config:
      directory_chain:
        config_delay: 86400000 # 24 hours delay in milliseconds

This delay period allows:

  • Users to review and prepare for upcoming changes
  • Detection and prevention of malicious configuration updates
  • Time for governance participants to react to suspicious changes

Governance implementation

Implement a robust governance system to manage dapp updates and configurations.

The governance starter kit can be integrated into the dapp as a plug-and-play component that stays compatible with the core governance system. It lets developers implement standardized governance features quickly, without extensive refactoring, which reduces development time while keeping security best practices in place.

Proposal management

Governance proposals enable users to suggest and vote on dapp changes. This ensures that the dapp evolves through transparent, collective decision-making rather than unilateral control. This participatory model protects users by decentralizing authority, reducing the risk of malicious upgrades or hidden backdoors.

blockchains:
  <my_blockchain_name>:
    module: <my_module_name>
    moduleArgs:
      lib.governance.proposals:
        proposal_configs:
          option_item_limit: 10 # maximum number of choices per proposal
          max_duration: 2592000000000 # 30 days
          min_duration: 3600000 # 1 hour

For more details, refer to the docs and the Repo with the dapp example.

Veto system

The veto mechanism serves as a safeguard, allowing trusted governance entities or thresholds to block harmful or rushed proposals before they are executed. This enhances user security by preventing governance attacks or mistakes that could compromise user assets or dapp functionality.

blockchains:
  <my_blockchain_name>:
    module: <my_module_name>
    moduleArgs:
      lib.governance.votes:
        veto_config:
          veto_period: 100000 # Veto period in milliseconds

See the Repo for additional information.

Protection against malicious users

Rate limiting

Implementing rate limiting with points_at_account_creation ensures that a user can only perform a limited number of operations (usually one) within a specified timeframe, with the wait time controlled by recovery_time.

blockchains:
  <my_blockchain_name>:
    module: <my_module_name>
    moduleArgs:
      lib.ft4.core.accounts:
        rate_limit:
          active: true
          max_points: 10
          recovery_time: 5000
          points_at_account_creation: 1

Refer to the Repo for additional details.
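
A small model of the points scheme configured above, added here as an illustration and not taken from the FT4 library. It assumes each operation costs one point, one point is recovered every recovery_time milliseconds, and the balance is capped at max_points; the class and function names are hypothetical.

```python
from dataclasses import dataclass

# Values from the rate_limit block above; recovery_time is assumed to be in milliseconds.
MAX_POINTS = 10
RECOVERY_TIME_MS = 5000
POINTS_AT_ACCOUNT_CREATION = 1


@dataclass
class RateLimitState:
    """Per-account state in the assumed points model."""
    points: int
    last_update_ms: int


def new_account(now_ms: int) -> RateLimitState:
    return RateLimitState(POINTS_AT_ACCOUNT_CREATION, now_ms)


def try_operation(state: RateLimitState, now_ms: int) -> bool:
    """Recover points for the elapsed time, then spend one point if any is left."""
    recovered = (now_ms - state.last_update_ms) // RECOVERY_TIME_MS
    if recovered > 0:
        state.points = min(MAX_POINTS, state.points + recovered)
        # Advance by whole intervals only, so partial progress is not lost.
        state.last_update_ms += recovered * RECOVERY_TIME_MS
    if state.points == 0:
        return False  # rejected: the account has to wait for recovery
    state.points -= 1
    return True


def accepted_in_burst(state: RateLimitState, now_ms: int, attempts: int) -> int:
    """Count how many of `attempts` back-to-back operations are accepted."""
    return sum(try_operation(state, now_ms) for _ in range(attempts))


if __name__ == "__main__":
    acct = new_account(now_ms=0)
    print("fresh account, 5 attempts:", accepted_in_burst(acct, 0, 5))
    print("after 5 s, 5 attempts:", accepted_in_burst(acct, 5_000, 5))
    print("after 10 min idle, 50 attempts:", accepted_in_burst(acct, 605_000, 50))
```

Under this model a fresh account gets a single operation, while an account that has been idle for 50 seconds or more can send ten in a row, so max_points is the burst size to budget for when sizing the limit.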

Use require functions

The require function serves as a validation mechanism that helps check input parameters against business rules. If the condition provided to require is not met, the function aborts execution and raises an error.

operation transfer(from: account, to: account, asset, amount: big_integer) {
    require (from != to, "Sender and receiver have to be different");
    require (amount > 0, "Transfer amount must be positive");
    ...
}