[joekrill]

I've said this before, but that's just kicking the can down the street. At some point, unless you are inspecting every line of source code, every dependency, every dependency's dependency, and so on down the line until you get to the silicon, you HAVE TO put your trust somewhere.

[canadaduane]

The approach we're taking at Mainframe is to create a new "baby OS" that provides a sandbox for dApps to live in. This way, the OS acts as intermediary on permissions to access any resource that would contradict the user's will. For example, accessing a URL, signing data with a private key, or making a payment would all involve an OS-level permission. (For now, mainframeOS is part desktop app and part decentralized infrastructure. The user experience of the desktop app is similar to a browser, but cannot access DNS without explicit permission, and relies on decentralized infrastructure only, which provides privacy and security guarantees that today's browsers can't. Someday it will grow up into a real OS layer.)