If we allow third-party applications inside BitShares client/wallet, a lot of things that require centralized services would be much easier to implement and make user friendly . Some examples:
- whoever runs a gateway (RealBTC<->IOUBTC) could publish an application, so users interested in this gateway could install an application be able to convert BTC to IOUs not leaving the client.
- faucet can run referral program, so users could use its application to redeem referral program's coupons or generate new coupons to share with friends right inside the BitShares client.
- escrow agent can have its own application specific to the service it provides.
- and many others more simple use cases, like advanced block explorers, market charts, and a lot more.
Another advantage - this allows us make the client as light as possible, by default it would contain only basic wallet functionality needed to register account and transfer funds, everything needed for more advanced users can be installed as applications, for example market GUI can be an extra app.
Later when ethereum-like scripting language is implemented, the same applications infrastructure could be used to interact with blockchain DAPPs.
And some technical details how this can be implemented.
A trusted party is needed to make this possible, first of all there should be some repository of applications, second, applications would have access to private keys, so there is a big security issue. I suggest delegates to be this party responsible for apps: delegates publish their list of trusted applications, the same way delegates now publish price feeds and toolkit version. List of applications can be publish json format, each application entry can contain download URL, API URL (if app is supposed to communicate with centralized service), checksum and the version number (if version changed the client will automatically update the application).
Technically, an application is Angular.js module - just a package comprised of html and js files. BitShares client downloads it, verifies checksum and signatures and plugs it in as Angular module.
There might be different rules for different kinds of application, e.g. if application doesn't require access to wallet_* rpc calls, it may require only one delegate to publish it, applications that require access to wallet_ calls may be required 10 or more delegates to publish feeds. To revoke an application, delegates just need to stop publishing it - BitShares client will mark it as revoked in the applications repository. DPOS shines again giving BitShares a huge advantage over competing platforms.