I love the concept of speakeasies, hidden locations in plain sight. Then I thought, how do we extend this to the internet? Imagine visiting a webpage that appears differently for you on load vs someone else because you in the know. That's how gossip squirrel was born (shoutout to UC Davis) But then I thought, what's the commercial/enterprise use case of this? That's when I came up the application of applying this to commercial SaaS ecosystems.
What it does
Gossip squirrel uses HTS tokens as credentials. For example, if the user has the right amount of a specific token, when they visit website X it will load interface Y. If a user does not have the right amount of tokens, website X will instead load interface X. We use a modified Hedera chrome extension as the key to this system. In a commercial setting, this creates the opportunity for users to trade SaaS subscriptions for example. As users can freely trade their HTS tokens which represent credentials to other users if they don't need the subscription anymore, greatly disrupting how SaaS ecosystems are modeled today and prevent customers from being trapped without the SaaS companies losing money.
How we built it
For the extension, I modified the existing Hedera chrome extension to broadcast the HH account ID associated with it. This broadcast is picked up by the website on load, and gives the signal to load a different interface than the default one. HTS tokens associated with the account are used as the credentials and are checked through the block explorer to see if in wallet.
Challenges we ran into
Creating compatibility between chrome extension and background scripts. Creating that messaging bridge was new for me.
Accomplishments that we're proud of
Was able to create messaging between chrome extension and background scripts which is a new thing for me. Able to build a working prototype in under 24 hrs.
What we learned
Security is hard. Had to think of where information can be intercepted or spoofed to prevent fooling the system.
What's next for Gossip Squirrel
Improving support for other Hedera wallets and tooling to pull account ID and associated tokens. Decentralize a token <> account mapping maybe through Hedera File Service or IPFS, which can open the door to SSO associated tokens. Improve overall security. Publicly release the library. Service for SaaS companies to build HTS token mappings