WorldFlagify
The database of malicious ethereum addresses and web domains, created by real humans
Project Description
In the crypto world, scams are ever-present, and it's crucial for everyone to remain vigilant. WorldFlagify aims to provide a platform for individuals to easily report suspicious websites or addresses. If a sufficient number of real people (Worldcoin verified) report the same entity, it will be flagged as malicious.
Developers can leverage the WorldFlagify service to quickly verify whether an address or domain is potentially harmful. This functionality could be integrated into various applications such as:
-
Wallets: Users attempting to send funds to an address can utilize WorldFlagify to verify if it has been flagged as malicious. If flagged, a clear warning can be issued; if not, the transaction can proceed as usual.
-
Browser extensions: New browser extensions could be developed to safeguard users from accessing malicious sites. WorldFlagify could also be incorporated into existing platforms like MetaMask, which already includes a site blocker for malicious sites (but it doesnt catch everything).
How it's Made
I arrived at the hackathon on the 16th, so I missed the first day and only had one day to work on this project.
The website itself is rather straightforward. It's built using Next.js and utilizes shadcn/ui for its UI components, thus incorporating Tailwind for styling.
The report page features a "Verify with WorldID" option. This enables the app to authenticate that the report is being submitted by a genuine individual and ensures that each report is unique. This functionality is facilitated by the IDKitWidget component. When the "File Report" button is clicked, an API request containing the WorldID data is sent to the Next.js API. The endpoint then verifies the authentication before proceeding.
Currently, there is no backend in place to store the actual reports. However, there are several options available. Reports could be stored in a simple database or on the blockchain. If deployed to the blockchain, the API would serve as a caching layer between the blockchain, making retrieval of malicious site data more efficient.
This is a cool use case for WorldID, greatly benefiting from its ability to verify if it's a real person.
