HashDrop A zero-trust app for proving that you had a document at a specific time.


HashDrop lets you prove that you had a specific document at a specific time. This was a crypto project that had genuine utility. Since crypto was known for being unintuitive, I figured I would have a unique edge in writing an app that would be more intuitive than anything else out there.

I was inspired by this patio11 post:


In his case, he wanted to prove that he wrote something at or before a specific date, but he didn’t want to publish the actual document until sometime later. Security researchers will sometimes do this. They’ll hash a document describing some vulnerability, and then publish the document after the vulnerability is patched.



There are two parts to this project. The first part was generating the hash. And the second was getting that onto the blockchain. I was able to get this working. The hard part was packaging this up into a user-friendly experience that was also secure.

Another goal was to have the entire app runnable locally, or copyable onto your local IPFS node. This would let the you ensure that the app was not modified. You’d be able to verify your own copy of the app (in principle), and continue to use it as long as you’d like.

Finally, I wanted to let the user create private drops. Since files were already stored on IPFS, a public network, I needed a way to ensure that the user could create private drafts. This was a little tricky because the entire point of the app is to be zero-trust. I didn’t want to store any data in a centralized manner.


I was able to get the app to encrypt and/or hash documents, and publish the hashes onto the blockchain, retrieve the files, and then decrypt them. I also generated unique URLs for each drop that could be shared on sites like Twitter:



I was a little too ambitious about what I wanted to accomplish. There were many yaks worth shaving. Should I have leaned on making the site easy to newcomers to use? This was a monumental task in itself. This meant putting in copius amounts of error handling logic around ensuring that the user has MetaMask installed, is on the right network, has a balance, etc. And because gas fees randomly spike, would it be worth pulling this data? What can I expect the user to know about IPFS?

Some highlights:


HTML CSS JavaScript JSX TypeScript Solidity
← Previous
Ghost Tabs Chrome Extension
Next →
Crabby Keys