Parallel Container Proposal

Abstract

This document explains the need to containerize Parallel and proposes a draft communication protocol between Parallel and dApps.
Parallel aims to be a Web3 super app with a built-in account abstraction feature, supporting the top dApps including Uniswap, Opensea, Blur, Aave, etc). In order to do this, we will need to containerize Parallel and allow third parties to develop and deploy their dApps on Parallel.
By containerizing Parallel, we provide all the necessary infrastructure for dApps, so that these applications will no longer need to support various kinds of EOA wallets on their own. Even though Parallel is built with React, we cannot pick any technology to build their dApp.
Below is a draft version of the communication protocol between Parallel and a dApp (which we are currently using).
{
state: {
colorMode: 'dark' | 'light';
baseRoute: string;
provider: JsonRpcProvider;
account: string;
chainId: number;
};
container: Container;
apis: {
connectWallet: () => void;
addAssets: (context: AddAssetsContext) => Promise<void>
};
}

Security

Allowing third parties to deploy their dApp on Parallel could cause potential security vulnerabilities. In the early stages of Parallel, this wouldn’t be a problem since we will only allow certified third parties to deploy their dApp on Parallel. But in order to support any dApp to deploy on Parallel, we’ll need to have security measures to keep Parallel safe from vulnerabilities.
  1. 1.
    Javascript sandbox: This prevents the malicious mutation of global state from any dApp, making sure dApps are all safely isolated.
  2. 2.
    Style isolation: This prevents the malicious mutation of global style from any dApp, making sure each dApp’s style will not be affected by other dApps.
Last modified 2mo ago