Strava Segment Attestations
-
Project Context
What if your athletic performances could become permanent cryptographic proofs? Strava achievements remain locked within the app today, with no way to prove them verifiably elsewhere.
Strava Segment Attestations creates a bridge between the sport world and Web3, allowing athletes to transform their completed Strava segments into permanent onchain attestations on the Linea blockchain.
Value Proposition
For Athletes
Permanence: unlike screenshots, attestations are immutable
Verification: anyone can verify the authenticity of your performances
Portability: your achievements follow your wallet, not an app
Ownership: you own your athletic credentials
Composability: usable in any Web3 application
For the Web3 Ecosystem
-
Proof of Physical Activity: a new primitive for proving human engagement
-
Sybil Resistance: completing segments requires real physical effort
-
Real Credentials: authentic achievements for gaming and DAOs
How It Works
User Flow
-
Strava Login — OAuth 2.0 with
activity:readpermissions -
Browse Activities — Display of recent activities with their segments
-
Select Segment — Choose the segment to attest
-
Connect Wallet — Link to an Ethereum address
-
Create Attestation — Backend signature + onchain transaction
Backend Verification
The backend:
-
Fetches the activity via the Strava API
-
Verifies the segment is part of the activity
-
Signs the data via EIP-712
-
Returns the signature to the frontend
Onchain Attestation
The signature enables the smart contract to create a verified attestation:
// Schema: (uint256 segmentId, uint64 completionDate)
struct SegmentPayload {
uint256 segmentId; // Unique Strava ID
uint64 completionDate; // Completion timestamp
}Technical Architecture
Monorepo
The project uses a pnpm monorepo architecture:
strava-segments-to-attestations/
├── packages/
│ ├── contracts/ # Solidity smart contracts
│ ├── frontend/ # React/Vite application
│ ├── functions/ # Netlify serverless functions
│ └── shared/ # Shared typesSmart Contract: StravaPortal
The custom Verax Portal implements multiple security measures:
-
Verify subject is a valid address
-
Verify caller is the subject
-
Verify fee
-
Verify backend signature
EIP-712 Signature
The EIP-712 domain binds the signature to the contract and network:
const domain = {
name: "VerifyStrava",
version: "1",
chainId: 59144,
verifyingContract: "0xe1301b12..."
};
const types = {
Segment: [
{ name: "segmentId", type: "uint256" },
{ name: "subject", type: "address" }
]
};Security
Segment Verification
Only actually completed segments can be attested:
-
Backend verifies via the official Strava API
-
Signature can only be created by the authorized backend
-
Contract verifies the caller matches the subject
Replay Protection
-
Domain separator includes chainId and contract address
-
Each signature is bound to a specific address
-
Minimal fee discourages abuse
Rate Limiting
-
Per-IP limitation on OAuth and signature endpoints
-
Short-lived access tokens
-
Automatic refresh of expired tokens
Deployed Contracts
Linea Mainnet: 0xe1301b12c2dbe0be67187432fb2519801439f552
Linea Sepolia: 0xc04228f66b1aa75a2a8f6887730f55b54281e9d9
Schema : 0xc1708360b3df59e91dfd33f901c659c0350461e6a30392d1e3218d4847e6b20d
Future Use Cases
Event Qualification
Event organizers can require attestations of specific segments as registration prerequisites.
Fitness DAOs
Governance based on verified athletic performances.
Web3 Gamification
Badges, rewards, and access based on real achievements.
Insurance/Wellness
Activity proofs for wellness programs.
Technical Stack
Smart Contracts
-
Solidity
-
Hardhat
-
OpenZeppelin
-
Verax Contracts
Frontend
-
React
-
Vite
-
wagmi / viem
-
TanStack Query
-
React Router
Backend
-
Netlify Functions
-
Node.js
-
TypeScript
-
Strava API
Shared
-
TypeScript
-
tsup (build)
Resources
|
Note
|
Strava Segment Attestations is the first project to enable onchain attestation of Strava athletic performances, paving the way for a new category of "Proof of Physical Activity" credentials. |
Verax
Linea
Wagmi
