Author: Denis
Simple Summary:
The project aims to implement Fusion+ in the interface for gasless cross-chain swaps. Security will also be strengthened through protection against phishing attacks and improvements to the Permit2 mechanism. The work further covers development of Account View and CI/CD configuration for automatic library releases to NPM and code signing of the desktop version.
The requested amount is 66,000 USDC over 6 months, with monthly payments of 11,000 USDC.
Abstract:
The project aims to expand the functionality of the existing alternative 1inch interface by introducing Fusion+. Users will be able to perform cross-chain swaps without gas fees, with protection from MEV attacks and the use of Dutch auctions. The modular design of the interface will allow easy integration into other applications and platforms. The CI/CD system will be improved to automatically publish project libraries to NPM and sign desktop versions, enhancing deployment quality and user experience. These changes will make the interface more flexible, scalable, secure, and convenient for both developers and users. Another key task of the project will be improving the protection of open-source versions of the interface from phishing copies and increasing infrastructure stability, as well as finalizing and activating Permit2.
Motivation:
The current version of the interface only includes swap functionality. The implementation of Fusion+ will allow users to perform fee-free cross-chain swaps with high levels of security and efficiency. This module will expand the use of the interface and attract more users and developers. The modular approach makes the interface flexible and convenient for integration into any DApp or platform requiring asset exchange functionality. Due to the recent incident where a phishing page was created based on the open-source version of the swap interface, systems to protect against such incidents will also be developed. Additionally, one of the key tasks will be finalizing Permit2, which was temporarily disabled due to technical problems.
Specification:
Fusion+ Interface:
Modernizing the UI for cross-chain swaps using Fusion+ technology.
Interaction with the 1inch API for creating, canceling, and monitoring cross-chain swaps.
Account View Interface:
Developing a UI for managing balances and tokens (Account View), allowing users to track assets and manage accounts.
CI/CD Improvement:
Automating the publication of all project libraries in NPM. This will allow developers to immediately use the latest version of the interface components.
Automating the signing and publishing of new code versions for automatic desktop application updates.
Phishing Protection System:
Developing mechanisms to protect open-source versions of interfaces from being used in phishing copies, including authenticity verification and source code validation.
Permit2 Finalization:
Implementing and activating the Permit2 feature, which was temporarily disabled. Finalizing the token permission management system will improve interface security and efficiency.
Infrastructure Improvement:
Transitioning to the infrastructure of major providers such as Cloudflare or AWS will reduce latency to the proxy and increase its stability. This will also allow load rebalancing depending on the user's location.
Protecting the proxy from third-party use: implementing a WAF will make it harder for third parties to use the proxy and will increase infrastructure stability.
Rationale:
The main motive for developing Fusion+ is the need to expand the functionality of the alternative 1inch interface so that users can perform cross-chain swaps with enhanced security and no gas fees. Implementing phishing protection mechanisms will help prevent future incidents similar to the recent attempt to create a phishing page. The modular approach was chosen to ensure flexibility and ease of integration. Finalizing and activating Permit2 will also be a crucial aspect, improving token security.
Considerations:
Security: The implementation of Fusion+ and phishing protection mechanisms requires special attention to transaction and code security. All interactions with the 1inch API will be secured using transaction verification and signing standards.
Performance: Switching to Lit and using IndexedDB will ensure high performance even on devices with limited resources.
Resource Management: Development costs will be minimized through the modular architecture and automation processes.
Risks: Potential risks are related to technical challenges in integrating Fusion+ and Permit2 into the existing architecture, as well as developing the phishing protection system.
Costs:
The project is planned for six months, with a total budget of $66,000. Funding will be split into monthly payments of $11,000, allowing for flexible resource management at each development stage. This amount includes all associated expenses, such as purchasing certificates for signing the desktop version, Sentry fees, Cloudflare services, server costs for the proxy, and other expenses that may be necessary for the project at its current stage.
Payment Structure:
If this proposal passes, 66,000 USDC will be transferred to the Operations Multi-Sig (0x45e84e10e8E85c583C002A40007D10629EF80fAF), and subsequently paid out to 0x568D3086f5377e59BF2Ef77bd1051486b581b214 as follows:
An initial payment of 11,000 USDC will be made upfront.
The remaining 55,000 USDC will be streamed over a period of 5 months.
Project GitHub repository: link
Project GitHub Pages staging link
Previous Grant Work:
As part of the 1IP-50 proposal, a tremendous amount of work was done. Through close collaboration with the 1inch team, it was decided to create a modular solution with the ability to integrate its components into any applications and websites where fast token swapping is required. Based on this, a technical analysis was conducted, and it was decided to switch from Angular to Lit, as Angular is a heavier solution that could impact the performance of the entire page with embedded modules from 1inch. In turn, Lit is a lightweight library that solves the problem of writing templates in native web components, significantly speeding up the work of embedded modules and reducing the size of final bundles.
Recently, there was an incident involving the creation of a phishing page based on the open-source version of the 1inch swap interface. As a result, one of the priority tasks became strengthening the security system and developing mechanisms to protect users and the project from such threats. These measures include improving authentication and server-side verification to prevent the creation of phishing copies of the application.
Additionally, due to technical shortcomings, the Permit2 function, which ensures safer token permission management, was temporarily disabled. In the next stages of development, we plan to finalize and reintegrate Permit2 to enhance security and usability.
A modular architecture for the application was developed, and a bundler based on esbuild was written to accelerate development and package publication. To improve performance, a data storage system using IndexedDB was implemented, significantly reducing interface lags, especially on portable devices.
A desktop version of the interface was also implemented using the Electron framework. This version can be built for all current platforms: Windows, macOS, and Linux (AppImage). CI/CD was set up to automate desktop version releases through GitHub Releases, allowing automatic application updates. The latest version is also published on GitHub Pages so that everyone can review the results of the work done under the 1IP-50 proposal.
For module integration, an integration layer was developed, allowing the swap form or any other application module to be embedded into the host application's desired location, regardless of the framework or library used.
The application has some drawbacks: one of the most significant is the Nginx proxy, necessary to encapsulate the keys from the 1inch Dev Portal. The server itself is not powerful enough and may struggle with high traffic. Its location is also important: the server is currently hosted on DigitalOcean in India, which turned out to be optimal for users in most regions of Asia and Europe.
You can view the results of the previous proposal here: