Dapp Metadata Registry

[frederikrothenberger]

Hi Everyone

Due to a recent discussion here and an ecosystem project voicing plans to build such a registry (see here) it seems timely to start a conversation on what our use-cases and requirements for such a registry actually are.

Below I started collecting a few ideas to get the discussion going.

Use-Cases:

• Show metadata of a dapp when interacting with a signer (e.g. "dapp A is requesting a transaction").
• Have a list of applications a signer is compatible with (for discovery purposes).
• ...

Requirements:

• on governance of the registry
  • should there be a distinction between the contents of the registry and the registry dapp itself with regards to governance?
• the API to fetch data
  • how is the registry paid for?
• ...

The decision of whether to integrate with a specific registry is up to the developer of the signer. However, it would be nice if we could give some guidance here to the registry developers as to what signer devs generally expect.

[dostro]

Here's what we'd like for NFID Wallet:

• Query an API with origin from postMessage
• Response from API with logo, name, and trustLevel (i.e. trusted, untrusted)

[frederikrothenberger]

I think for Internet Identity such a dapp registry should have the following properties:

• open and transparent governance / DAO ownership
• stringent review process that prevents dapps from impersonating each other
• a way to filter out all unverified / non-reviewed information
• API:
  • the same as @dostro: query using origin, retrieve logo, name, short description maybe
  • II is interested in trusted information only
  • data must be certified
• payment model (if any) must be suitable to still offer a free service to end-users