1. Executive Summary
This proposal introduces a Verified Sandbox Asset Embed Toolkit, a lightweight solution that allows creators to export, verify, and showcase Sandbox avatars and assets across the web. By combining VoxEdit exports with IPFS storage and blockchain-based verification, the toolkit enables users to embed assets anywhere whether websites, profiles, or marketplaces, while displaying a trust badge that confirms authenticity and ownership.
The project’s goal is to make Sandbox assets more interoperable, visible, and verifiable outside the game environment, improving trust for both creators and players. This directly supports the DAO’s mission to expand creator empowerment, increase ecosystem adoption, and encourage innovative cross-platform use of Sandbox assets.
2. Problem Statement
When a Sandbox creator posts a 3D model on the web, anyone can save the file and repost it. Most viewers show a spinning model and nothing else. No contract or token ID or even file fingerprint. A copy looks identical to the original. Fans cannot tell the difference. Partners cannot trust what they are seeing. Creators lose credit, time, and sales.
The damage is real and disturbing. Copycats get the clicks while legit work is ignored by galleries and blogs because there is no quick way to confirm authenticity on the page. Low quality reposts flood feeds and search results, and the whole ecosystem looks weaker than it is.
Common fixes like A watermark proves nothing about the file itself. Sending people to a marketplace breaks the moment of interest and many never return. Also, manual checks do not scale.
Why now.
VoxBridge made exporting simple, so more Sandbox models are out in there every week. Without an on page proof that this file matches this Sandbox NFT, creators stay exposed and partners keep hesitating. A verified embed restores trust at the exact moment people are looking.
3. Proposed Solution
What it is
A small open-source web component plus a VoxBridge add-on that lets any page display a Sandbox model with on-page proof. The embed shows the model and a status: Verified when file, NFT, and signature match and Unverified when they do not.
A tiny manifest (signed by the creator) carries the file hash, contract, token ID, license, and signer. (Badge indicates a cryptographic match to a Sandbox NFT, not an official endorsement.)
Technologies used
- File integrity: SHA-256 via WebCrypto in the browser
- Creator proof: EIP-712 typed-data (domain-separated) default, EIP-191 fallback
- On-chain checks: ethers v6 reads Polygon for contract and token ID ownership with dual RPC failover
- Asset delivery: IPFS or HTTPS with multi-gateway fallback
- Rendering: web component using three.js or
<model-viewer>
Connection with The Sandbox tools
- VoxEdit: export GLB/GLTF as usual
- VoxBridge:
voxbridge embedwrites the signed manifest and outputs a ready-to-paste snippet - Marketplace: info panel links to View on The Sandbox for the referenced NFT
User experience
- Creators: export model, generate snippet via no-code web generator or
voxbridge embed, paste into a site or blog. If scripts are blocked, use the hosted viewer link or iframe - Audiences and partners: see the 3D model, Verified or Unverified badge, contract, token ID, current owner, license, and a link to The Sandbox. No logins or wallet needed
- On-page checks: load model, hash file, verify EIP-712 signature, confirm Polygon ownership, display status. If networks fail, degrade to Unverified with a short diagnostic note
Why this is the right solution
- Proof at the point of view: authenticity is confirmed on the same page where the model appears
- Sandbox-specific trust: binds a file to a real Polygon contract + token ID, shows license and deep link; not just a generic viewer
- Safe and lightweight: client-side verification, open standards, no reliance on private/internal Sandbox APIs, easy copy-paste adoption
- Immediate utility: creators keep credit, partners gain confidence to feature work, and traffic flows back to Sandbox asset pages without leaving the page
4. Team
Our team recently collaborated with the Sandbox DAO Grant to successfully build and launch VoxBridge, a widely adopted voxel asset converter. We delivered this open-source toolkit within just three weeks, rapidly solving a core Sandbox developer pain point and empowering creators to seamlessly integrate their assets into Unity and Roblox; demonstrating our deep understanding of the Sandbox ecosystem and technical execution capability.
| Name | Role | Relevant Experience |
|---|---|---|
| Abdulkareem Oyeneye | Project Lead | Experienced Web3 growth strategist and product manager specializing in identifying developer pain points and protocol infrastructure needs. LinkedIn |
| Gospel Ifeadi | Smart Contract & Backend Engineer | Rust, Python, JavaScript expert with extensive experience in backend automation, smart contract development, and dApps. X |
| Emmanuel Charles | Blockchain & QA Engineer | Experienced in Rust, TypeScript, and C++; dual expertise in smart contract development and rigorous blockchain quality assurance. LinkedIn |
5. Technical Details
Type of integration
Distribution-side verification for Sandbox assets on the open web. No minting, staking, or on-chain writes. The component cryptographically verifies that a displayed GLB/GLTF corresponds to a Sandbox NFT and that the file was approved by the creator.
Standards and protocols
- NFTs: reads ERC-721 ownership and ERC-1155 balances on Polygon
- Signing: EIP-712 typed-data (domain-separated) default; EIP-191 fallback
- EIP-712 domain (v1):
name,version,chainId,salt(omitverifyingContractunless a registry is introduced later)
- EIP-712 domain (v1):
- Hashing: SHA-256 via WebCrypto (incremental/chunked)
- Rendering: three.js or
<model-viewer>for GLB/GLTF
Contracts and external tools
- No new smart contracts in v1
- Optional creator signing in the web generator via WalletConnect v2; CLI signing uses the creator’s local wallet
- On-chain reads via ethers v6
- Authenticity allowlist: a community-maintained JSON of known Sandbox collection contracts with a documented update process; non-listed contracts render with an “unknown collection” notice
Infrastructure
- Core verification runs client-side; no backend required for the core flow
- Polygon RPC: two endpoints with auto-failover and backoff (configurable)
- Storage: IPFS (multi-gateway fallback) or HTTPS for models/textures/manifests
- Pinning responsibility: creators should pin their assets/manifests; unpinned content may become unavailable
- CORS: hosts are responsible for enabling CORS on HTTPS assets; lacking headers will prevent loads
- Hosted viewer: lightweight page/iframe for platforms that block custom scripts
Operational flow
- Creator exports GLB/GLTF from VoxEdit
- Creator generates a signed manifest and HTML snippet via the no-code web generator (WalletConnect) or
voxbridge embed(CLI) - Viewer loads the model, computes SHA-256 (with progress for large files), verifies the EIP-712 signature on the manifest, and confirms Polygon ownership/holdings for
contract + tokenId - On-page status: Verified if all checks align; otherwise Unverified with a short reason
- ERC-721: shows current owner (as of query time)
- ERC-1155: shows multi-holder semantics (no single “owner”)
Privacy and security
- All checks occur in the browser; no private keys or PII leave the device
- EIP-712 domain separation mitigates cross-app replay
- If RPC or IPFS are unavailable, the component degrades to Unverified with best-effort diagnostics
- Brand-safe disclaimer: the badge indicates a cryptographic match to a Sandbox NFT and is not an official endorsement
Interaction with The Sandbox experiences
- To the best of our knowledge, no known overlap with public core roadmaps; the viewer is fully client-side/on-chain and does not rely on private/internal Sandbox APIs
- The info panel deep-links to View on The Sandbox for the referenced NFT and can optionally link to a creator’s experience page
- Net effect: supports safer, wider distribution and is expected to drive traffic back to Sandbox profiles, marketplace listings, and experiences
6. Budget & Work Plan
Budget Table
| Category | Amount (USD) | Justification |
|---|---|---|
| Web3 Development | $4,200 | EIP-712 signing/verify, hashing pipeline, ethers v6 reads, CLI tooling, test harnesses |
| Sandbox Integration | $3,300 | <vox-embed> web component, VoxBridge embed command, snippet generator |
| Web3 Infrastructure | $1,500 | RPC credits (dual providers), IPFS pinning for demo assets/manifests, CDN |
| Design / UX / QA | $1,500 | UI polish, accessibility pass, perf tests, large-file hashing progress |
| Activation & Support | $1,500 | Docs, examples, quick-start guides, partner pilot support window |
| Other (contingency) | $1,000 | Buffer for fixes, minor tooling, unforeseen integration tweaks |
| Total | $13,000 |
Milestones:
Milestone 1: Week 1
- Key deliverables: Manifest v1 spec, incremental hashing + progress, minimal
<vox-embed>viewer, RPC/IPFS scaffolds, basic Verified/Unverified, draft docs - Budget: $4,000
- Estimated completion: Week 1
-
- Budget release: 31%
Milestone 2: Weeks 2–3
- Key deliverables: Full verify path (SHA-256, EIP-712, ERC-721 owner / ERC-1155 balance), info panel, known Sandbox contract allowlist,
voxbridge embedcommand, hosted viewer/iframe, reliability failovers, docs v1 - Budget: $5,000
- Estimated completion: Week 3
- Budget release: 38%
Milestone 3: Week 4
- Key deliverables: Performance + accessibility pass, examples/templates, final docs + troubleshooting, public npm + release notes, demo page + short tutorial, pilot handoff
- Budget: $4,000
- Estimated completion: Week 4
- Budget release: 31%
7. DAO Alignment & Impact Measurement
How does this contribute to decentralization and community empowerment?
- Core verification runs client-side; distribution via CDN and an optional hosted viewer.
- Creators sign their own manifests and choose licenses; no custody or private keys on-page.
- Community-maintained list of known Sandbox collection contracts with a documented update process.
- Open-source code and docs enable fork, audit, and reuse.
Does it improve the player or creator experience in a measurable way?
- Creators get a copy-paste embed with an on-page trust signal; no login or redirect.
- Audiences see Verified/Unverified, ownership, and license without leaving the page.
- Partners can feature Sandbox work with greater confidence.
- Measurable via time-to-verify, verified-load rate, and click-throughs to Sandbox pages.
Does it promote interoperability, accessibility, or innovation within the ecosystem?
- Uses open standards: EIP-712, WebCrypto, IPFS, Polygon reads.
- Works on most sites that allow custom HTML and third-party scripts; CSP/CORS may require configuration.
- Hosted viewer/iframe available where scripts are blocked; no wallet needed to view.
- Binds a web model to a real Sandbox NFT, complementing VoxEdit and VoxBridge with a distribution-layer trust check.
How will the impact be tracked?
- Opt-in, aggregated telemetry (off by default) in the hosted viewer: verified loads, failure reasons, and click-throughs to View on The Sandbox.
- NPM/GitHub signals: installs, issues, releases.
- Adopter signals: documented creators/partners and any LOIs obtained.
- Support metrics: time to first response and resolution.
What KPIs will be used to evaluate success?
- Targets for the first 60–90 days (subject to creator adoption):
- 200+ verified embeds live across creator and partner sites
- 50+ projects using
voxbridge embedto generate manifests/snippets - >60% of loads showing Verified status
- 5–10 partner galleries or media pages integrating the component
- Tracked CTR to Sandbox marketplace pages with an aim to improve over baseline
- Package downloads and repository activity monitored over time
8. Attachments
How did you hear about the Sandbox DAO Grants Program?
Through previous engagement and proejcts.