Security

Advanced cloud-based DDoS protection services are used to identify and neutralize threats before they reach interface infrastructure. Scalable solutions are used so that applications can remain accessible, even during periods of high request volume.

To safeguard the domain, DNSSEC is used to protect against DNS spoofing and validate that domain name requests are securely authenticated. Regular monitoring and updates to DNS configurations help prevent unauthorized domain transfers.

The front-end employs state-of-the-art intrusion detection systems (IDS) that monitor for suspicious activities and potential threats, assisting with rapid detection and response to protect user data.

Content Security Policy (CSP) and Subresource Integrity (SRI) checks are used to detect and prevent unauthorized modifications to front-end code, maintaining the integrity and security of the application.

Each commit of the Aave Interface codebase is automatically deployed to IPFS. The app.aave.com IPNS pointer and domain text records, using the DNSLink standard, are continuously updated to reflect latest deployment hash.