24 lines
1.2 KiB
Markdown
24 lines
1.2 KiB
Markdown
|
# Privacy Challenge for Polkadot Metaverse Championship
|
||
|
|
|
||
|
|
## Description
|
||
|
|
This is a privacy research challange. Take is as a proposal.
|
||
|
|
|
||
|
|
## Task
|
||
|
|
Do a research on privacy and what data is taken by the chosen project - list below. You need to test what kind of data can be logged and where by the service provider, for example: does the backend receive your browser user-agent, screen resolution, battery state, etc. We know some of the projects listed here have serious issues, but a clear collection of what data is taken and where would it be stored could make things more transparent and increase awareness.
|
||
|
|
|
||
|
|
So the task is to do the research, create list about data sent to the project servers/nodes and draw a topology. Don't spend on it more than an hour.
|
||
|
|
|
||
|
|
Ideas on what to look for:
|
||
|
|
- Data in the HTTP/API requests
|
||
|
|
- Data in the WSS channels
|
||
|
|
- Network data
|
||
|
|
- Think about timing and even if you have multiple addresses, balance checks can give a good base for statistics on which addresses belong to the same wallet/browser
|
||
|
|
- Consider what would happen if you use the service through proxy/TOR/etc
|
||
|
|
|
||
|
|
## Links, sources
|
||
|
|
https://kusama.momentum.xyz/
|
||
|
|
https://polkadot.js.org/
|
||
|
|
https://www.talisman.xyz/
|
||
|
|
https://metamask.io/
|
||
|
|
https://acala.network/
|