HackerTrans
TopNewTrendsCommentsPastAskShowJobs

the42thdoctor

no profile record

Submissions

Show HN: Making missed workouts cost money with Android TEE and smart contracts

pedrooaugusto.github.io
2 points·by the42thdoctor·5 месяцев назад·1 comments

Show HN: FitVow – a smart contract that fines me if I miss weekly fitness goals

fitvow.pedroaugusto.dev
1 points·by the42thdoctor·6 месяцев назад·1 comments

comments

the42thdoctor
·2 месяца назад·discuss
This reminds me of the speech to text API, which already uses AI and is available on almost all browsers. So there's already precedent.

But most importantly this would enable us to finally write JavaScript like this:

const a = prompt("how much is 31c in Fahrenheit")

The future looks bright!
the42thdoctor
·5 месяцев назад·discuss
I’ve always been an expert at negotiating with myself to skip a workout. To fix this, I built FitVow: a system where I lock real money into a smart contract, and if I miss my weekly goals, I get fined.

The engineering challenge was: How do I prevent my future, lazy self from lying to the contract?

I tried to solve this by anchoring trust in three places:

1. Hardware-backed Proofs: The Android app reads from Health Connect (Galaxy Watch data) and signs a summary using a non-exportable key in the phone's TEE (Trusted Execution Environment). The smart contract verifies this signature on-chain.

2. Amnesiac APK Signing: To prevent myself from just "updating" the app to a version that fakes data, I sign the release with an ephemeral key and permanently delete the keystore. Since Android identity is tied to the signing key, I can’t overwrite the app without losing the hardware keys, which triggers an expensive on-chain penalty.

3. Permissionless Enforcement: The contract is "ownerless" regarding enforcement. If I fail a week, anyone can trigger the penalty function. The enforcer gets a small bounty, and the rest goes to charity (Giveth).

This is currently a 12-week experiment with ~$235 at stake. It’s not a product—it's a system design puzzle to see if I can make cheating more effort than just doing the workout.

Live Dashboard: http://fitvow.pedroaugusto.dev/

Source Code: https://github.com/pedrooaugusto/fitness-unbreakable-vow/

I’d love to hear your thoughts on the security model—especially how you’d try to 'break' the vow without actually exercising.
the42thdoctor
·6 месяцев назад·discuss
Author here: I built this because I kept finding ways to “renegotiate with myself” on weeks I didn’t feel like training. I wanted a commitment device with real consequences and no trusted referee — just code and incentives.

Write-up / architecture / threat model:

https://pedrooaugusto.github.io/blog/posts/making-missed-wor...

Current run parameters:

- Network: Arbitrum (Ethereum L2)

- Duration: 12 weeks (Jan 19 → Apr 13)

- Total stake: ~$235 (0.075 ETH)

- Penalty per failed week: ~$19 (0.00625 ETH)

How enforcement works:

- If a week fails, anyone can call enforceAgreement() and receive a share of the penalty; the rest goes to the Giveth charity.

- There’s also a Chainlink Automation backstop so “nobody enforced” can’t become an escape hatch. If automation is the first to enforce a missed week, there’s no caller to reward, so 100% of the fine goes to Giveth.

I’d love feedback on:

1) where you’d try to cheat this,

2) what would make it more verifiable/auditable to you.
the42thdoctor
·3 года назад·discuss
Can't wait for the GPT integration with GitHub and start programming like Tony Stark