Hello, BlockBuddy

BlockBuddy is a decentralized application that makes it possible to securely transfer tokens through familiar communication channels like text message and email. Until now, the task of sending tokens has required users to exchange account information, like address and chain ID. Also, if the recipient was a new web3 user, the sender would have to guide them through the installation of a wallet. This friction makes it impossible to enjoy the foundational human experience of sharing and gifting.

In addition to being unpleasant, it simply doesn’t scale for artists, merchants, and other content creators who want to give tokens to their audiences of customers, fans, and subscribers, which may number in the thousands. The current process of airdropping requires the collection of addresses and is prone to abuse, since it can be difficult to distinguish a real user account from that of a bot. With BlockBuddy, web3 tokens can be sent with the ease of web2 messaging applications and can leverage existing mail lists, contact books, and authentication infrastructure.

How?

We’re developing Token Locker Protocol (TLP), a set of open source, permission-less, fee-less, and non-upgradeable smart contracts that facilitates non-interactive token transfers.

Presently, sending tokens requires coordination between the sender and the recipient because the sender needs the recipient’s address. But what if the recipient has many accounts, has switched to a new account, or doesn’t even have one yet? Figuring this out is an awkward, error-prone, and unscalable process.

Token lockers entirely remove addressing as a concern and instead allow users to leverage established communication channels to transfer all major fungible and non-fungible token standards (ERC 20 / 721 / 1155).

The physical-world analog for this concept is a package locker, like those widely deployed by Amazon. This infrastructure enables the secure delivery of goods, without sellers knowing a customer’s address and without customers even needing to have one. Instead, the goods are deposited in a secure location known to both parties (the locker), which the recipient is able to unlock at their leisure.

Welcome BlockBuddy

Built on top of TLP, BlockBuddy is a decentralized, peer-to-peer application that makes it possible to securely send tokens via text, email or other messaging platforms. On chain, senders grant the non-upgradeable locker contract permission to transfer specific tokens from their account.

Since the address of the recipient is unknown at the time of locker setup (or may not exist, if the recipient is new to web3), the client-side application generates a key-pair that will only be known to the sender and recipient. The public key is stored in the locker contract, and the private key is encoded in a trust-on-first-use (TOFU) link that the sender will share with the recipient. When the recipient creates a transaction to open the locker, one of the inputs is a signature of the desired deposit address. The locker uses the public key to verify that the signature belongs to the intended recipient. BlockBuddy walks the recipient through all of these steps, including the installation of a wallet and linking of an account.

Design

This same mode of non-interactivity could easily be created through a centralized service that follows an email-like “store-and-forward” pattern. In such an architecture, the sender would transfer the tokens to a third-party account. Once the recipient is ready to accept the tokens, the third-party could simply forward them to the user. But this strategy violates the core principals of decentralized systems, trusting a middleman with user assets.

We reject such an approach and instead opt for a 100% trust-less design. From the moment the locker is created, until the moment it is opened by the recipient, the tokens remain in the custody of the sender. The locker contract never has ownership of the assets, just permission to transfer them (and only after being authorized by a signature that is produceable solely by the sender or the recipient). The sender can easily cancel any transfer simply by revoking the contract’s permission.

BlockBuddy also maximizes the security of recipients. Many users have been the victims of phishing attacks and account poisoning, in which malicious actors deposit bogus or even illegally obtained tokens into a user’s account. BlockBuddy reduces these risks in a few important ways:

• Mandatory preauthorization. Tokens sent through TLP are only deposited into the recipient’s account after they explicitly accept them by opening the locker.

• Social security. Acceptance links are transmitted through established communication channels like phone numbers and email addresses. Recipients should never accept tokens from an unknown contact, and many of these systems already have filters for catching spams and scams.

• Complete control. The chosen security scheme is fully within the power of the recipient to decide. They are free to open the locker from any wallet or address (main or burner) that they choose, without any coordination with the sender.

What other benefits does BlockBuddy offer?

• Reduced friction. Every user of the web has already dedicated significant effort to cultivating a network of trusted contacts through email addresses, phone numbers, and social media profiles. We are confident that one day decentralized identities will join (and perhaps supersede) such systems, but for now, these are the primary channels through which individuals, companies, and governments have learned to identify each other in the digital world, so it makes sense to leverage them.

• Transfer options. One token to one locker is the most common cardinality, but batch transfers through a single locker are also possible (i.e. for moving a collection). BlockBuddy even supports a many-to-many pattern, in which each token is transferred through its own locker, enabling one-click, on-demand airdrops through TLP.

• Gas-less transfers. Senders have the option to prepay gas fees on behalf of the recipient. This is ideal for use-cases like gift-giving, airdrops, and payments between friends and family, in which the sender wishes to guarantee that the recipient will be able to accept the tokens seamlessly and without any hindrances, like obtaining gas.

We live in a capitalist world, but a disturbing number of people live without access to or even the right to possess capital. Digital assets transcend these barriers, and when everyone on Earth can freely exchange value, the global economy and the lives of billions of people will fundamentally change for the better. Cryptocurrency exchanges and NFT marketplaces have made a dent, but the scale of this future requires massive network effects, the kind that BlockBuddy and TLP will rapidly accelerate.