ERights.org is the homepage of the programming language E, a secure distributed persistent language for capability-based smart contracting. There seems to be a lot of interesting information there, papers, talks/videos etc that is relevant for cryptocurrency and platforms like SAFE. I think the ERights website can be good for inspiration for things like design patterns for securely composing apps running on the SAFE network. The idea behind E is to support composition of concurrent and potentially malicious components distributed over potentially malicious machines.
E is basically a programming language built with the object-capability model for security.
A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination:
- an unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages.
- a message that specifies the operation to be performed.
Perhaps apps could use tokens(similar to safecoins) as the unforgeable reference, giving access to specific capabilities , maybe some limit number of times.
For example an app that wants to be invite only could have a token for registering a user account, then when a user registers a new account, that user would for example be given 3 tokens to give to friends. When registering an account in the app you would do something like giving the app access the MD containing the token, together with the register new user message. Not entirely sure how the app might use this token to register an account though, especially as it’s running on the client side.