xxB-2024-003: Haven Browser Extension Implementation

Bounty xxB-2024-003: Haven Browser Extension Implementation

Overview

This bounty rewards developers for implementing a secure browser extension for Haven that moves sensitive data storage (including user identity secrets) out of localStorage into a more secure extension-based storage system. The implementation will modify existing Go libraries and create browser extensions for Firefox and Chrome.

Prize Pool

Total Prize: 1,250,000 xx (~$62,500 USD)

Breakdown:

  • Milestone 1 - Go Library Modifications: 300,000 xx
    • Must be completed before subsequent milestones
  • Milestone 2 - Extension Interface Design: 200,000 xx
  • Milestone 3 - Extension Implementation: 300,000 xx
  • Milestone 4 - Haven Integration: 250,000 xx
  • Milestone 5 - Store Publication: 200,000 xx

Requirements

Eligibility

  • Participants must complete KYC verification
  • Participants from OFAC-sanctioned countries are not eligible
  • Multiple contributors may collaborate on submissions
  • Existing xx network contractors are eligible, but must recuse themselves on bounty related decision making if they decide to participate.

Technical Requirements

  1. Milestone 1 - Go Library Modifications
  • Extend xxdk-wasm library to support external KV stores
  • Implement KV interface defined in collective/versioned/kv.go
  • Add functions to pass in KV interface supporting objects
  • Maintain compatibility with existing localStorage implementation
  • Complete documentation and test coverage
  1. Milestone 2 - Extension Interface Design
  • Research existing extension architectures (e.g., polkadotjs-extension)
  • Define interface requirements for KV storage
  • Document security considerations
  • Create detailed technical specification
  • Design extension architecture
  • Define communication protocols
  1. Milestone 3 - Extension Implementation
  • Implement extension for both Firefox and Chrome
  • Secure storage implementation
  • Background script functionality
  • Content script integration
  • Message passing system
  • Error handling
  • Security hardening
  • Cross-browser compatibility
  1. Milestone 4 - Haven Integration
  • Proof of concept integration with Haven
  • Migration system from localStorage
  • Fallback mechanism
  • Performance optimization
  • User experience improvements
  • Integration testing
  • Security audit
  1. Milestone 5 - Store Publication
  • Extension packaging
  • Store listing preparation
  • Documentation for users
  • Marketing materials
  • Support documentation
  • Publication to Chrome Web Store
  • Publication to Firefox Add-ons
  • Maintenance plan

Implementation Requirements

  1. Technology Stack:
  • Go programming language
  • xxDK and xxdk-wasm libraries
  • Browser Extension APIs
  • WebAssembly
  • Modern JavaScript (ES6+)
  1. Security Requirements:
  • Secure storage of sensitive data
  • Protection against XSS attacks
  • Protection against extension tampering
  • Secure communication channels
  • Data encryption at rest
  • Access control mechanisms

Submission Requirements

  1. Source code must be:
  • Open source (same license as xxDK)
  • Submitted via merge request to appropriate repository
  • Well-documented
  • Passing all tests
  • Following project coding standards
  • Security audited
  1. Documentation must include:
  • Technical specification
  • Security analysis
  • API reference
  • Integration guide
  • User guide
  • Development guide
  • Build/installation instructions

Judging Criteria

Submissions will be evaluated on:

  1. Completeness of implementation
  2. Security considerations and implementation
  3. Code quality and maintainability
  4. Documentation quality
  5. Test coverage
  6. Performance
  7. User experience
  8. Cross-browser compatibility

Timeline

  • Submissions accepted until completed or program ends
  • Reviews will occur within 2 weeks of submission
  • Prizes paid within 30 days of approval

Payment Terms

  • Prizes paid in XX tokens
  • Multiple submissions may split prize pool
  • Major awards (>50,000 XX) subject to 6-12 month linear vesting
  • All payments subject to KYC approval
  • Partial payments may be made at discretion
  • Payments may be locked in a linear vesting schedule for up to 1 year

Contact

Submit questions and proposals through:

  • Repository issues
  • Developer forum
  • Developer chat channels

Please respond in the forum if you are pursuing this bounty.

Legal

  • xx network reserves right to modify bounty terms
  • All submissions must comply with applicable laws
  • Participants retain rights to submitted code under project license
  • xx network not responsible for lost or invalid submissions
1 Like