Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Geo blocking #1

Closed
martinkrung opened this issue Dec 23, 2020 · 7 comments · Fixed by #76
Closed

Geo blocking #1

martinkrung opened this issue Dec 23, 2020 · 7 comments · Fixed by #76
Assignees
@light-fury
Labels
enhancement New feature or request help wanted Extra attention is needed question Further information is requested

Comments

@martinkrung
Copy link
Member

martinkrung commented Dec 23, 2020
edited
Loading

UN-Sanction list, see how this is done by uniswap interface.
@martinkrung martinkrung added enhancement New feature or request good first issue Good for newcomers labels Dec 23, 2020
@martinkrung martinkrung added this to the MVP milestone Dec 23, 2020
@adamazad
Copy link
Contributor

adamazad commented Jan 11, 2021
edited
Loading

How about just blocking IPs? Aave, Compound, Yam, and most of DeFi protocols are behind Cloudflare. I think they're using this https://community.cloudflare.com/t/blocking-entire-countries/24172/12

@martinkrung
Copy link
Member Author

I don't know how we can do this on ipfs! Some more research needed. How is omen dong this?

@martinkrung martinkrung added help wanted Extra attention is needed question Further information is requested and removed good first issue Good for newcomers labels Feb 4, 2021
@adamazad
Copy link
Contributor

adamazad commented Feb 5, 2021

@nicoelzer you are in charge of mesa-ui.dev, could you please look into geofencing in the Cloudflare IPFS bridge?

@nicoelzer
Copy link
Contributor

@adamazad, mesa-ui.dev is only an internal staging domain, that won't be used to serve the actual product deployment.

To make sure Mesa.eth will be untouchable, we should not rely on centralized providers such as Cloudflare. All DXdao products are hosted on IPFS and served on the ENS domain which can be governed by the DAO. As ENS domains don't allow to to setup geofence, we need to find a solution directly in the frontend.

@martinkrung
Copy link
Member Author

@nicoelzer @adamazad

We need an external service for this.

We can ask an external API with the IP as input and then get a yes or no back. Once done, set a cookie with timout (30 days?) to not repeat on every request.

@adamazad
Copy link
Contributor

adamazad commented Feb 10, 2021
edited
Loading

I found ipfs/notes#284 for anyone working on this issue.

https://1change.exchange
https://compound.finance
https://aave.com

They all use Cloudflare to block IPs.

We can ask an external API with the IP as input and then get a yes or no back. Once done, set a cookie with timout (30 days?) to not repeat on every request.

Browsers can block cookies. This can be easily bypassed. Best to allow access to Mesa on IPFS, but deny access on mesa.eth.link

@martinkrung martinkrung modified the milestones: MVP, Demo Feb 10, 2021
@martinkrung
Copy link
Member Author

Bypassing is not that an issue, it's easy with VPN anyway. It's just that you limit it and can say you have respected the UN List.

@light-fury light-fury self-assigned this Feb 15, 2021
@light-fury light-fury mentioned this issue Feb 16, 2021
Merged
9 tasks
@light-fury light-fury linked a pull request Feb 16, 2021 that will close this issue
add geoblocking feature with ipapi service #76
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@light-fury light-fury

Labels
enhancement New feature or request help wanted Extra attention is needed question Further information is requested
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add geoblocking feature with ipapi service cryptonative-ch/aqua-interface
4 participants
@martinkrung @nicoelzer @adamazad @light-fury