Phantom: a publishing tool enabling users of the SAFE Network to easily manage websites

We want to get this across into Marketing @Sotros25 @Shane is quite correct here.


Agreed. Supporting work like this is definitely well within scope for marketing initiatives. Originally, a fuller list of Goals on the Foundation one-pager also included things like “App development sponsorship”, but I trimmed the list to get everything to fit on one page. :smile:

If you haven’t already, please checkout and provide feedback on the one-pager. Here is a link to a one-pager outlining the Foundation’s Aims, Structure and Key Questions .

If you’d like to make edits, let me know, and I’ll send an updated link.


A tiny little update… Phantom is now translated to Dutch!

German is also going to make its way in, if not tonight then in the morning tomorrow. This is probably one of those times where forum members don’t really care about the translation updates, but this kind of stuff really increases usability for large numbers of people and makes it easier to use the tools we create. I promise I’ll have some more juicy, feature-based updates for you all next week. <3

If you speak a language other than the following:

  • English
  • Spanish
  • Dutch
  • German

Then Phantom is still waiting to be translated in to your language, it’s really easy to contribute translations: - you don’t even need to log in to a Google account to add translations, and you’ll get added to the Contributors list in github as a thank you.

Please only do it if you’re a native speaker, not through Google translate or any other third party translation service - I want the text to be natural and fluent. :slight_smile:


I just wanted to say a huge thank you to everyone who has been in contact with me about translations over the weekend! It’s hugely appreciated and I can’t wait to get them live. :slight_smile: I had a busy weekend (of not doing much but relaxing!) and I’ll be getting another commit out tomorrow with all the languages submitted so far, as well as a draft version of the libraries needed to support the new plugins system. :slight_smile:


Just a little update, since it’s been quiet for the last week. While I wait for some updates to the SAFE Network browser I’ve been working on plugins behind the scenes and putting together a roadmap for my future work.

Most of the functionality I’m dependent on going forward is locked behind Maidsafe implementing permissions, so I’ll mostly be working on user interfaces and mock libraries for the next few weeks. I have a lot of interesting stuff to show, but I want to release it all at once, so watch. this. space.


Oooooh you tease, you… </camp>



Just for you, there’s a sneak peak on what I’ve been working on, which is going to slowly make its way in to the repository over the next few days… :eyes:


Thats a chunk of well-documented work.

Take the rest of the weekend off.
I’m just chuffed I have a trivial Vue example running in my local network.


Phantom security notification

This post was made as a result of our Responsible Disclosure Policy listed in the file of our Github repository:

Vulnerability assessment

Please note: This vulnerability only effects users running a local version of the Phantom application, compiled from source using NodeJS, and running a third party theme.

Users running a local version of the Phantom application (compiled from source) should update to the latest master branch commit immediately.

One of our development dependencies, ESLint, has a vulnerability in two of its dependencies which allows code being ran through the linting tool (so essentially: compiling Phantom from scratch) to run within the context of the local NodeJS environment.

The two dependencies are as follows:

  • Acorn: This dependency has already been patched in Phantom and is no longer vulnerable
  • Minimist: We are awaiting a patch for this dependency


The impact of this vulnerability is contingent on the following:

  • If running the vanilla version of Phantom locally, or accessing Phantom through the SAFE network browser, the impact is ZERO
  • If running a local development version of Phantom, using a custom Phantom theme installed from an untrusted source, the impact is HIGH

This is only likely to effect anyone doing local theme development, but as part of our Responsible Disclosure Policy, we are committed to informing the community about all potential vulnerabilities within 24 hours of being notified.

CVE Identifiers

  • CVE-2020-7598
  • SNYK-JS-ACORN-559469 (doesn’t have a CVE identifier)

20 posts were split to a new topic: Naming and branding

I have just finished translating to Portuguese… but there is on line I couldn´t understand… I would appreciate if you could rephrase that for me… thanks !

The SAFE network URL of the theme’s manifest, this URL will end in “.json”

it´s 3.13 am here… gotta go to bed, tomorrow I will be more awaken… haha

1 Like


It’s a link on the SAFE Network (beginning with safe:// which links to a theme file. The URL will end with the text “.json”, similar to how URLs can end with “.html” or “.jpg” :slight_smile:

1 Like

So that is …

“The SAFE network URL of theme´s manifest will end in .json” ?

“In order for your theme to manifest the URL on the SAFE Newtwork will end in .jason”?

Sorry, no.

Essentially it’s just saying “Input a URL ending in ‘.json’”

1 Like

I am trying to explain that line. Maybe because I am not a IT person but I translated as this…

SAFE Network requires an URL ending in .json to manifest your theme.

That way it will be very well explained in Portuguese.

The part being lost in translation is:

This is probably confusing because manifest has several meanings in English, in this instance, it’s this meaning:

Learn to pronounce
noun: manifest; plural noun: manifests
a document listing a ship's contents, cargo, passengers, and crew, for the use of customs officers.
a list of passengers or cargo in an aircraft.
a list of the wagons forming a freight train.
1 Like

Further to this, here is a mockup of the candidate screen design for the Just In Time Consent dialog that would be popped by the Safe Network App:

This would only be shown if the Safecoin Payment permission for a given app had either the Check every time or to Ask the first time rule applied to it. These rules can be quickly amended with the dropdown at the bottom of the dialog.


Just wanted to pop an update in here on what I’ve been up to the last few days: the answer is, not a real lot. Things are a little hectic here in the UK at the moment, even in times where I’ve managed to find some time to work, I’ve been really distracted by everything happening. I don’t expect I’ll have much to show for a week or two, so I just want to set that expectation here now.

Cheers, and stay safe all of you, Shane.


Entirely understandable, it’s hard to work when folk around you are in so much danger. Trying to help out is very hard, but we are all gonna have to do our bit and do it safely. Good luck man, wish you all the best in the next few weeks.


Hi @Shane, hope you are well.

Just a little question. Is Phantom going to make it on to the public shared section?

1 Like