HackerTrans
トップ新着トレンドコメント過去質問紹介求人

the42thdoctor

no profile record

投稿

Show HN: Making missed workouts cost money with Android TEE and smart contracts

pedrooaugusto.github.io
2 ポイント·投稿者 the42thdoctor·5 か月前·1 コメント

Show HN: FitVow – a smart contract that fines me if I miss weekly fitness goals

fitvow.pedroaugusto.dev
1 ポイント·投稿者 the42thdoctor·6 か月前·1 コメント

コメント

the42thdoctor
·2 か月前·議論
This reminds me of the speech to text API, which already uses AI and is available on almost all browsers. So there's already precedent.

But most importantly this would enable us to finally write JavaScript like this:

const a = prompt("how much is 31c in Fahrenheit")

The future looks bright!
the42thdoctor
·5 か月前·議論
I’ve always been an expert at negotiating with myself to skip a workout. To fix this, I built FitVow: a system where I lock real money into a smart contract, and if I miss my weekly goals, I get fined.

The engineering challenge was: How do I prevent my future, lazy self from lying to the contract?

I tried to solve this by anchoring trust in three places:

1. Hardware-backed Proofs: The Android app reads from Health Connect (Galaxy Watch data) and signs a summary using a non-exportable key in the phone's TEE (Trusted Execution Environment). The smart contract verifies this signature on-chain.

2. Amnesiac APK Signing: To prevent myself from just "updating" the app to a version that fakes data, I sign the release with an ephemeral key and permanently delete the keystore. Since Android identity is tied to the signing key, I can’t overwrite the app without losing the hardware keys, which triggers an expensive on-chain penalty.

3. Permissionless Enforcement: The contract is "ownerless" regarding enforcement. If I fail a week, anyone can trigger the penalty function. The enforcer gets a small bounty, and the rest goes to charity (Giveth).

This is currently a 12-week experiment with ~$235 at stake. It’s not a product—it's a system design puzzle to see if I can make cheating more effort than just doing the workout.

Live Dashboard: http://fitvow.pedroaugusto.dev/

Source Code: https://github.com/pedrooaugusto/fitness-unbreakable-vow/

I’d love to hear your thoughts on the security model—especially how you’d try to 'break' the vow without actually exercising.
the42thdoctor
·6 か月前·議論
Author here: I built this because I kept finding ways to “renegotiate with myself” on weeks I didn’t feel like training. I wanted a commitment device with real consequences and no trusted referee — just code and incentives.

Write-up / architecture / threat model:

https://pedrooaugusto.github.io/blog/posts/making-missed-wor...

Current run parameters:

- Network: Arbitrum (Ethereum L2)

- Duration: 12 weeks (Jan 19 → Apr 13)

- Total stake: ~$235 (0.075 ETH)

- Penalty per failed week: ~$19 (0.00625 ETH)

How enforcement works:

- If a week fails, anyone can call enforceAgreement() and receive a share of the penalty; the rest goes to the Giveth charity.

- There’s also a Chainlink Automation backstop so “nobody enforced” can’t become an escape hatch. If automation is the first to enforce a missed week, there’s no caller to reward, so 100% of the fine goes to Giveth.

I’d love feedback on:

1) where you’d try to cheat this,

2) what would make it more verifiable/auditable to you.
the42thdoctor
·3 年前·議論
Can't wait for the GPT integration with GitHub and start programming like Tony Stark