One of the most promising concepts of second-generation blockchains is that of dApps (or “decentralised applications”). These are apps built on top of a blockchain. To date, few have made the headlines (with the exception, perhaps, of CryptoKitties), but there is a an increasingly large amount being pushed to the Ethereum mainnet, and even more in the works — State of the Dapps lists a range of projects in various stages of development. MetaMask will let users interact with these dApps using only their browser.
Bitcoin Magazine spoke with James Moreau from the MetaMask team to get a grasp of how their platform grants access to the growing ecosystem of games and applications on the Ethereum blockchain.
On top of facilitating access to decentralized applications, MetaMask also functions as an encrypted storage vault for Ethereum addresses. Users are able to generate multiple accounts, in which they can store Ether and ERC20-compliant tokens. It further supports various testnets (Ropsten, Kovan and Rinkeby), for experimentation with projects in beta. If users are already running a full node, they can tether the software to it.
The protocol has been praised for the simplicity in which it grants access to the infrastructure built atop the Ethereum blockchain. Evidently, it has been a popular extension, having reached its millionth download in early February 2018. It has clearly appealed to users who may have otherwise been dissuaded by the prospect of setting up a full node and dedicating disk space to storing the blockchain in full. Its integration with both Truffle and Ganache has further cemented MetaMask’s place in dApp development toolkits.
The devs seek to facilitate cohesion with projects in the crypto space and recognize the integral role MetaMask plays across the board: DEXs (or decentralised exchanges) are of critical importance in the shift to a fully-decentralised iteration of the web, and applications such as MetaMask are invaluable to safeguarding private keys when interacting with potentially vulnerable sites — take the recent EtherDelta hijacking where, despite the compromise of the site itself, data stored in MetaMask was kept safe (operating much like a hardware wallet).
In terms of competition, there are very few with similar offerings, said Moreau:
“When it comes to lightweight clients, the only other platform that springs to mind is Cipher, a mobile dApp browser working on iOS and Android. To call it competition, though, would be somewhat misleading — the two projects are complementary, with Cipher focusing on catering to the mobile market while MetaMask seeks to optimize the desktop side of things.”
At present, the MetaMask team hasn’t made it a priority to port the project to a mobile medium — the developers’ short-term focus is to improve the overall user experience (offering more versatility when it comes to transferring tokens) and to revamp the current UI.
“Security is one of the team’s primary concerns. In and of itself, the extension has no known attack vectors — user data is stored locally and vaults encrypted with passwords. The biggest outside threats are those rampant across the crypto space — phishing and malware. MetaMask has a built-in detection system for filtering phishing attempts and will warn users of potentially risky transactions before executing them,” Moreau explained.
So far, there have been issues with security breaches pertaining to MetaMask’s support (it should be noted that it is a third-party provider, the extension was unaffected), and a recent bug resulted in users being locked out of their accounts. Being an open-source project, though, anyone is free to vet the code and take on bounties set by the team.