We started out on this project as a joke, a realllly snarky one that points out how many ERC-20s have an owner account with admin privileges. Our hilarious and edgy perspective was that if you're not going to take decentralization seriously why not swing the other way entirely (plus there's a ridiculous (!) pun hidden in the work "sheetcoin").

However, as we progressed we realized that there's actually a really good minimal-trust method for really using google spreadsheets as a side chain. We realized this could even be a great burner wallet. Sending tokens with Google OAuth and an email address is a much better UX than managing a private key and paying gas. Plus it's way cooler to be mature and adult and realize life is all about compromises.

You know what's cooler than web3? web 3 billion ...people all the ones who use google

What it does

No-coiners are first class citizens on this Dapp! All you need is a google account to start signing transactions on this speedy, scalable, and totally free* spreadsheet sidechain. You can even address your transfer to an email instead of those pesky hexa-whatever wallets (no need for ENS!). The Sheetcoin Sidechain is fully connected to Ethereum so if you do feel the need to "decentralize or die" you can move assets trustlessly back and forth (trusting Google is like trusting god and infinite trust is the same as absolute trustlessness, right?).

*Is data really labor? You're not even using it!

How we built it

First we experimented with OpenZeppelin's work on recovering google auth RSA signatures within the EVM. We got this working moving tokens instead of just account recovery, but put it on hold to build the rest of the google sheets sidechain.

Building with google is awesome but it also really sucks. We spent way too much time making bad interfaces inside google sheets so that you barely need to leave their soft and bezeled nest.

We also built a second wallet with vue.js that handles all the nasty web3 interactions that are necessary for moving assets on and off of the clean pretty sheetcoin side-chain onto the scary expensive legacy chain. The API it use it open for anyone to use with simple OAuth verification, so you can use your own interface as well.

Most of our backend is run with google-script so you know it's as good and secure as javascript! We use a google cloud function for signing withdraw releases and use terminal to monitor when users deposit onto the sheetcoin bridge contract. We hacked the Google OAuth nonce field to allow users to sign their sheetcoin transactions which allows us to make sure it's really you (and google) who wants to move that sheetcoin.

Challenges we ran into

We wanted to include the RSA signature recovery in the EVM as a final safeguard against us (but it's ok we won't be evil). This would make it so that we can't run off with all the locked tokens on Ethereum. We also had a hard time using google's app-script as a server without being able to handle basic request settings like CORS headers. We lost a little time converting everything over to google lambda functions, but gave up when we realized google-script is the highest form of language available.

Accomplishments that we're proud of

  • We realized how to build a trustless side chain using google sheets!
  • We found a bunch of bugs in terminal!!
  • We got to say the word "Sheetcoin" all weekend!!!

What we learned

  • Google is great but they also suck

What's next for Sheetcoin

  • Adding the trustless RSA signature recovery so that no one can run off with anyone else's money.
  • Multi-token support on different tabs (aka state-sharding)
+ 5 more
Share this project: