Compound Labs’ decision to open-source its front-end to the protocol and move hosting to IPFS are important steps in the decentralization of the protocol. Given the criticism around Uniswap Labs’ blacklisting of certain synthetic and derivative assets on its hosted UI, Compound Labs presents a different way forward here.
That said, this change – particularly the redirection of Compound Labs’ app.compound.finance to the IPFS hosted interface with its cumbersome URL – has introduced some possibly underappreciated risks to user confidence and is creating a lot of undue stress for ordinary users. Evidence from the protocol’s Discord server suggests that many casual users are having at least a moment of panic when they get redirected to a URL they don’t recognize and see what appears to be a clone of the Compound Labs interface requesting access to their wallet. It’s natural for these users to worry that they or the Compound Labs’ UI might have been phished or worse, shaking confidence in the protocol as a safe place to earn yield on their digital assets.
This move is good for decentralization, but it happened very quickly by the standards of most typical users and was introduced without much of any warning on app.compound.finance itself. I would argue that most users who deposited via the Labs interface are still unaware that this change took place and that if the wrong narrative took hold, the suddenness of the change and the sketchy appearance of the IPFS URL are both legitimate threats to the protocol’s reputation (backwards as that may feel for those who understand the reasons for the change).
There are many things we could do as a community to mitigate this risk. We have other community-developed UIs in the pipeline which is great; @getty has registered an ENS for the Compound multi-sig to control hosting of this UI, which is also a great start.
But I think the most important thing we can do in the short term is to create a new splash page or banner on the interface, before asking users to connect their wallet, that explains the change and provides links for users to educate themselves about it / verify the accuracy of the redirect.
I think it would boost confidence the most if this splash page were actually built by Compound Labs and hosted at app.compound.finance by Compound Labs, perhaps no longer automatically redirecting to the IPFS site. This would arguably be better than a redirect from a decentralization perspective; I could imagine that some courts might not care so much about the distinction between hosting a website and hosting a redirect to a website outside of Labs’ control.
Curious whether others feel the IPFS redirect is an urgent issue. Forum participants are among the most well-educated of the protocol’s users when it comes to ethereum infrastructure, so I worry we might be underestimating the damage we’re inadvertently causing to user confidence here.
