Polkassembly is an existing discussion and voting platform for Polkadot and Kusama governance. It's an open source project that cares about its user's privacy. One can signup with a Web3 account (Kusama/Polkadot), no email is needed... Still it's centralized. This hack project, Open-Polkassembly, makes Polkassembly censorship resistant and trustless. Today, if Polkassembly DB is hacked, any discussion happening on the platform can be compromised. Admins can censor content of the discussions without anyone noticing. 99% of the web runs on centralized infrastructure, we can't just rebuild it all from scratch. Many projects have existing user base and need a transition to a web3 stack. This is what we do here. Open-Polkassembly is extending the existing web2 stack, to add the decentralized storage to it while keeping the performances unchanged. How? by using IPFS storage as a trustless data storage that will be compared to the cached (fast!) data. The UX between web2 and web3 is unchanged!
How It's Made
Open Polkassembly lets users create and update content on IPFS seamlessly using a Textile Threads DB. I've built custom React hooks around the Textile api to make the dev experience better. Every time a user loads a forum thread, the app performs a comparison in the background between what is stored on the centralized DB, and what is on IPFS. Because the cached (centralized) data is available right away, users can start reading the content and interacting with the app. The "censorship check" is performed asynchronously and takes a couple seconds. If the authors have been changes or the content has been modified or censored, the user will be notified. Posts and comments creation on IPFS happens transparently for the user, from the client side. Because the website is hosted on IPFS, users can be certain that there is no man in the middle. The website is hosted on Fleek, pinned on Pinata, and also got pushed to Filecoin testnet thanks to Textile bucket cli (at the time where the lotus client hadn't stall!). The hacky part: authentication for Threads DB happens on a hosted server, because there is no better way to do it yet. Ceramic is promising, but it's still in the making. Another culprit: there is no ACL for ThreadsDB as of now, so this would be needed before Open-Polkassembly goes live, to make sure only authorized user can add/change content. The Textile team is aware of it though and ACL is part of a planned refactoring.