bounties

This platform offers a secure and privacy-focused way for bug bounty hunters to prove they received official recognition for their findings, without revealing any sensitive details such as the reward amount or the contents of the communication. Instead of relying on easily manipulated screenshots or revealing personal information, the system uses a trusted verification process that confirms three key facts: that the message came from an authorized bug bounty organization, that it includes a valid reward and bug severity confirmation, and that the individual genuinely owns the associated email account. Once verified, a digital badge is issued to publicly represent the achievement. This badge is permanently linked to the individual but cannot be transferred, ensuring authenticity and ownership. It includes essential information like the type of recognition, severity of the bug, verification date, and a reference that ensures data integrity. All verified badges are then collected and displayed on a public dashboard, which gives access to everything to see and interacts with these NFTs and the leaderboard.

Basically this platform provides an easy zkp email interface, to validate the integrity of bounty claims that some researcher do claim in social media while preserving their privacy while giving them a room to flex on their socials. I created the registry (verifier) and the prover and deployed them thro vlayer backend sdk, this part of the project is responsible for generating the proof from the email and verify its integrity. The 2 contracts not only verifies and proves but also mint NFT from every single submission, this NFT make up a badge that can be deployed on chain. The frontend app is running on top of blockscout SDK, which provides a nice interface into monitoring the chain and fast query/verify the transactions. The badges are also used to create a reputation based on performance that means, the more bugs you find the more merits you collect.