🐿 Cybersquirrel.xyz
Stash and fetch crypto with wallet-agnostic, non-frontrunnable magic link transactions. https://cybersquirrel.xyz/
Created on 18th September 2022
•
🐿 Cybersquirrel.xyz
Stash and fetch crypto with wallet-agnostic, non-frontrunnable magic link transactions. https://cybersquirrel.xyz/
The problem 🐿 Cybersquirrel.xyz solves
https://tella.video/cybersquirrelxyz-4m1q
It's annoying to send crypto to wallets. With Cybersquirrel, you don't even need to know the wallet address. Simply send a link through your preferred channel.
It's also hard to airdrop rewards to your audiences. You don't have a list of wallets of your telegrams, discords etc. With Cybersquirrel, simply send them a link. This works really well for rewards and puzzles, too. Just make the correct answer to the puzzle be the passphrase.
There are dozens of other use cases that are annoying to setup because of frontrunning or having to have dedicated frontends for micro applications. Squirrel solves this. Oh, and squirrel is unstoppable. The frontend is on IPFS, and the SC is deployment on mainnet. Even if we wanted to, we could not undeploy this anymore. It's now in space: https://bafybeih6dkiogw4slnqjbtwxsohrw5g7u4mmbegpa4sbulxzjo5uhrlpem.ipfs.nftstorage.link/
Challenges we ran into
Frontrunning was the greatest challenge with this. Our use case is a textbook example for frontrunning. Alice (stasher) wants to send money to anyone who knows a specific phrase (fetcher). How can you do that on the blockchain, where you can't store private data? First, we thought about ZK proofs because they're super cool. But gas cost of proving a zk-SNARK is still around 500k gwei, so we transitioned to a much cheapert two-phase time-locked transaction mechanism, which is also super cool. This has a smaller attack surface and is a more mature method of doing things. The way it works is this: when someone wants to claim funds, they make a deposit to lock the smart contract for 15 minutes to only allow retrievals to their address. The deposit only gets refunded if the fetcher then submits the correct passphrase. The required deposit amount can be set by the stasher. The two-phase mechanic prevents denial of service attacks and the deposits make DoS attacks very costly.
The second challenge was making this an unstoppable app. This means setting up the smart contract completely non-custodially, and hosting the frontend as a single static file. This is pretty unusual, and we had to adapt the tooling to us.
The third challenge was coming up with a cool story and design for this unstoppable app. We went with a space squirrel theme because we like to watch how squirrels stash stuff. And squirrels should not be sanctioned, because stashing and fetching is a right ʕ⁎̯͡⁎ʔ༄