Request Network Security browser extension #60
Description
Browser Extension for Smart Contract Security Verification
Problem
Our open-source smart contracts can be cloned by malicious actors who deploy similar contracts with lookalike addresses to trick users into losing funds through fraudulent approvals and transactions.
Proposed Solution
Create a browser extension that intercepts wallet transactions (MetaMask, etc.) and provides real-time security warnings by:
- Checking contract addresses against a hardcoded allowlist of legitimate Request Network contracts
- Detecting lookalike/similar addresses
- Analyzing function calls and approvals for suspicious activity
- Displaying non-invasive security warnings to users
Security Requirements
- Contract allowlist must be hardcoded in extension code (not fetched externally)
- All validation logic isolated in background script to prevent frontend tampering
- No dynamic loading of contract data from potentially compromised sources
Research Tasks
- Investigate existing security extensions (Pocket Universe, Wallet Guard, etc.)
- Evaluate feasibility of getting Request Network contracts added to existing tools vs. building our own
- Technical feasibility assessment using WXT framework
Technical Stack
- WXT framework for cross-browser extension development
- Content scripts for wallet integration
- Background service for security validation