Standardizing trustless DApp frontends

This is something I've been mulling over a long time and it seems timely to have a discussion about it.
Why are smart contract frontends still websites? Why haven't we moved past this?
There are multiple pressing reasons for moving towards trustless frontends:
-
Developers may be compelled to limit access to their own DApps, pushing users to questionably safe alternative frontend implementations. We see this now in the scramble to comply with sanctions.
-
Hackers or malicious devs change the website code to steal funds. Recently seen in the DNS attack on Curve, this has happened often since the beginning, keeps happening, and will continue to happen as long as smart contracts are being accessed through websites. It is inherently insecure.
-
Web code is nigh-unauditable. Even if it wasn't subject to arbitrary updates at any moment (such as hosted on IPFS), it's still very difficult to determine the code does nothing malicious, because a modern website is a bloated mass of compiled javascript.
What would an alternative look like?
I envisage a client application that takes a smart contract address and a maximally barebones UI specification (more of a config file than a website), and renders a working interface for the user. These specifications would be simple for someone familiar with the intended use of the functions in the target smart contract to tell from a brief reading whether they are malicious. There could be some mechanisms for confirming legitimacy for regular users, like the UI specs being included as annotations in the comments of the smart contract, or message signing from the official devs or trusted figures attesting they've looked it over and it seems fine.
Any thoughts or ideas? Are there other considerations such a standard would need to address? Have things like this already been attempted? Are there reasons it hasn't or wouldn't work or be adopted?
submitted by /u/No_Industry9653
[link] [comments]