Services as Device Accounts

It’s not about a core feature, it is about interfacing things like these:

The idea is to decouple common services, such as picture collections, from the low-level Safe API. To stay with the picture example, there should be one format to store them and their groupings (the actual images, accompanied by metadata, and collection to group images), and many apps would need to be able work with that. However, how should we ensure that all of those apps do a good job?

Let’s imagine a new fancy Picture App comes out for posting pictures on the Safe Network. We don’t know if the App is trustworthy, so giving it access to our collection of pictures carries significant risk.

However, if we had a “Safe Pictures” account (sort of like an Instagram account) through an “official” App that we do know is secure, then we could delegate the actual handling of data (add/move/modify/delete, and to ensure the correct format) to this secure App and let the Picture App take pictures in its clever ways or add fancy filters or whatnot. We could, for example, restrict picture apps from deleting or moving existing images by default, and allow those features for only a few select apps.

This would allow users to have a single picture collection (that is, not a separate one for all picture Apps) and still have a line of control between the unsafe app and their precious data.


Solid is a step towards having standard ways of storing information, picture collections, documents and so on, although even there work needs to be done to decide the details. So this is feasible, but now inevitable, and it will require app devs to help create and adopt those conventions. The Solid team have started thinking about that, so they lead the way I think and if we want this, I think the best way is to go and help them.


This is where my proposal is relevant. We can’t trust that the develpers will adopt those conventions correctly. It may be either by mistake or negligence. That’s why I propose a layer between those apps and the network, to enforce them.

That way, users wouldn’t need to trust the devs of Random Picture or Social App that they implemented the standards correctly because the Official Picture or Social Middleware App wouldn’t allow incorrect data to pass through to the network.

As you said, it’s inevitable to decide on a standard. I say that in turn makes it inevitable to give users a way to make sure their apps would indeed follow those standards. The only way to achieve that is by adding a trusted filter between the apps and the network.

It’s not that all apps should go through those, but users could be sure that if an app does do that (that is, the app has no direct network access, only through the official middleware app) then they wouldn’t need to worry about anything.

Moreover, this would add devs a peace of mind as well, in several ways: firstly, they would have an easy way to test if their app implements the standards correctly, secondly, that they would not put their users’ data in danger, thirdly, they wouldn’t need to convince the users their app is harmless because it couldn’t be but.