Premise: we need reduce friction to the creation and publishing of DAppNode Packages on-chain.
Solution: Create a new repository in a cheap sidechain like xDAI.
In an informal conversation, user @ligi brought up that the security of xDAI is not the same as in Ethereum. What that means in practise is that xDAI validators could agree to pass an invalid state transition where they introduce a malicious package in the DAppStore.
While this is certainly a concern, here are some mitigations:
Economically, xDAI validators can probably obtain higher economic viability from continuing to support a good, secure chain, than to lose all credibility to target DAppNodes. Arguably, the most damagin thing they could do would be to attack Eth2 validators (for now), and they could not obtain more than the validator keys, so they could not earn from it. Since the reputation of xDAI is at stake, we imagine that they wouldn’t want to risk what they have built in order to do a suicide attack against Eth2 validators using DAppNode.
One mitigation to this type of attack through invalid state transitions is to sign packages and allow for DAppNode to check signatures before downloading and installing the new packages. This would protect users as a package injected with this sort of attack would still not be able to be correctly signed. The list of valid signatures would still be in Ethereum, so the security of this method still depends on Ethereum.
The technical discussion around this topic should happen in this github issue: Migration to xDAI (APM + Directory) · Issue #327 · dappnode/DAppNode · GitHub
This proposal is still in collaborative design phase and preparing to have something that the DAO can vote on.
Please participate in the discussion with your thoughts in order to come up with a rough consensus that we can use to build a solid proposal with no reason to create controversy.