Ethereum Push Notification Service (EPNS)

What is EPNS?

Ethereum Push Notification Service (ref. EPNS) is one of the latest layers of verification and security being used across Web3 applications to provide a platform for verifiable announcements due to the rampant increase of bad actors in the Web3 space.

“Ethereum Push Notification Service (EPNS) is a decentralized communication protocol for web3. It allows any dapp, smart contract, backend, or protocol to communicate directly to user wallet addresses in an open, gasless, and platform-agnostic fashion.”

For example, an NFT project has been exciting, and the upcoming mint requires users to connect their wallet to a site, whether to mint, claim, etc. For the most part, community members trust that announcements made on official pages are legitimate, therefore thinking it’s safe to connect their wallets, and so on. However, sadly, nowadays, that is not the case. Bad actors continue to bypass 2FA on various platforms (Twitter, Discord, etc.) and then post malicious sites to drain wallets and steal assets. The following is an example of one bad actor that has been exposed over the last week by @zachxbt on Twitter.

1/ Cameron Redman is the alleged person responsible for the hacked NFT Twitter accounts over the past few months

Does the name ring any bells? Well it should bc in February 2020 he SIM swapped a single person for $37 million worth of Bitcoin & Bitcoin Cash

Time for a thread pic.twitter.com/jnXNkzknZn
— ZachXBT (@zachxbt) August 24, 2022

Via @zachxbt – Twitter

Although very little can be done when an account is compromised, measures can be put in place to verify the legitimacy of announcements, which is where EPNS comes into play. With EPNS, founders can create channels for their communities that can be subscribed to by community members. These channels will produce notifications verifying the legitimacy of an announcement that requires the connection of a wallet through the signing of a private key from the channel creator or a delegated user, rather than relying on web2 platforms with questionable security measures and authentication methods.

However, there are a couple of points you need to keep in mind about the current state of the EPNS platform. Currently, the only way to directly verify channel legitimacy through the EPNS platform is the channel address provided to you as the channel admin or by the project founder through socials (Discord, Twitter, etc.) For example, the JRNY Club EPNS channel address is 0x01460723c3EcC805c7D2Fd06c31CdE413d048F6E, which you can look up and Opt-In for on the EPNS website. As for community members, seeing that broadcasted messages MUST be signed with the private key associated with an admin wallet, the possibility of a malicious backdoor is zero, which leaves community members knowing that the message being presented to them is legitimately verified.

Fun Fact: This feature also eliminates the possibility of damage due to rogue admins/employees, as we’ve seen happen through applications such as Twitter, various discord bots, etc. With that said, that means founders and those with admin access must keep wallet security as a top priority as well.

Quick Founder Summary

EPNS was founded by Harsh Rajat in early 2020. Harsh Rajat has 11 years of entrepreneurial experience in various areas of the tech sector regarding architecture, development, and design. Rajat discovered blockchain in 2018 when he joined his first fintech blockchain company based in New York. From there, that same fintech company broke into a separate company focusing on mobile blockchain products, which is an area Rajat was heavily experienced in. Shortly after, Rajat decided it was time to venture off on his own and start EPNS after realizing the following.

“I quickly realized how blockchain doesn’t have [a decentralized] notification protocol yet, a concept which is tied to our online presence and the traditional web 2.0 services, which led to the invention of Ethereum Push Notification Service (EPNS).”