EIP: Domain-contracts two-way binding

This EIP proposes a standard way for dapps to maintain their official domains and contracts that are linked through an on-chain and off-chain two-way binding mechanism.

Web3 users sometimes get attacked due to vulnerebilities in web2 systems. For example, in Nov 2022, Curve.fi suffered a DNS attack. This attack would have been prevented if there was a standard way to allow dapp developers to disclose their official contracts. If this was possible, wallets could have easily detected un-official contracts and warned users.

An added advantage to this approach is to predictably find the the official contract addresses of a dapp. Most dapp’s docs are non-standard and it is difficult to find the official contract addresses.

More details: eip draft

This is work in progress. Sharing to get community opinion.

I might suggest using the /.well-known/ prefix for the path on the domain. Several other services already use that directory for fixed-location information files and it might make sense here too.