Drosera

Build exploit/risk detection contracts with Drosera’s Trap framework

Bounty Description:

• Drosera is building the application security economy, innovating a new category of web3-native security products: decentralized incident response. dApps and middlewares utilizing our technology delegate security to a network of node operators using solidity smart contract code.

Resources for Hackathon:

• https://github.com/drosera-network/examples
• https://github.com/drosera-network/trap-foundry-template
• https://dev.drosera.io/docs/intro
• https://de.fi/rekt-database
• https://github.com/SunWeb3Sec/DeFiHackLabs

Prize Amount - $2,500

What is required to complete this prize?

To qualify for a prize, the developer must:

• Fork the drosera examples repo
• Create one or many Trap contracts that serve a use case for risk mitigation, exploit mitigation, or as an example for mitigating a real-world exploit in the past
• Leveraging the examples, make a forge test showing how the Trap detects its incident
• Optional: Hook the Traps isValid result up to a response function
  • This could involve deploying a new version of a protocol with a pause function that can only be hit by the Trap you created
• NOTE: given that the Drosera protocol is still in development, a full integration is not required, just Trap creation.

What does success look like? What are possible features that you are looking for?

One path to success is creating a Trap that can detect a real-world exploit. Many exploits can be found in this rekt-database (https://de.fi/rekt-database). Defi Hack Labs also has a great repo for seeing past exploits with foundry (https://github.com/SunWeb3Sec/DeFiHackLabs). It also helps to have the mindset of trying not to reverse engineer an exploit but rather monitor what matters. Here is a good thread on the topic https://x.com/0xkr8os/status/1780299478664093879?s=46&t=qcKDEj-3e8-lrTfvoZn7tg

Another path to success would be to create a Trap that performs risk mitigation, some examples of this can be found in our example repo readme (https://github.com/drosera-network/examples). Lastly, creating Solidity libraries that could help in Trap Creation would also be a fine addition.

What are the UI/UX Design Requirements?

Given that the expectation is to develop a trap and testing it in foundry, there is no requirement on UI/UX. However, everyone likes a pretty picture, so we aren't opposed to something creative.

What are examples of use cases you are looking to solve?

Check out the examples database for more insight. https://github.com/drosera-network/examples

How are you judging this bounty? What specific criteria do projects needs to be aware of?

The project will be judged for best use case of Trap performing exploit/risk detection, most creative Trap use case, completeness, and complexity. We are aiming to put the biggest weighting on whether the Trap solves a real-world exploit or the Trap can be used for risk mitigation for real protocols.

Is the use case meaningful?

It's important to understand that we are looking to see real-world use cases but we also believe that creativity is important to hackathons, in order to show what is possible.

Is the demo awesome?

A demo can involve showing the trap simulation running and output from the trap detecting an incident and walking through the use case. It would be cool to see the trap running every block using a script also but that isn't required.

Movement

Move-Powered Modular Ecosystems with Movement Labs

Movement Labs has developed the first modular framework that enables developers and projects to build and deploy Move-based infrastructure, applications, and blockchains in any distributed environment. This framework is designed to streamline the creation and deployment of Move-based systems across various networks. Their initiative not only enhances the capabilities of the Move programming language but also promotes its adoption across diverse sectors, including decentralized finance (DeFi), gaming, and non-fungible tokens (NFTs). Termed "Limitless Integration," this approach allows developers to overcome traditional platform-specific barriers.

To further optimize development,  Movement Labs champions a "Unified Codebase," where a single codebase is utilized across multiple platforms, thereby reducing redundancy and increasing efficiency. This strategy is implemented in their flagship product, the Movement network. The Movement network operates on a permissionless basis and is currently implemented as a Celestia or  EigenLayer rollup. Although Movement is still in the devnet phase, it is a pivotal development in redefining how Move-based blockchains are deployed and interacted with.

The Movement SDK, a crucial part of the Movement ecosystem, plays an essential role in this integrated network. It reduces the complexity of deploying decentralized applications across modular blockchain networks, enabling seamless integration for developers and infrastructure providers through a single command-line interface (CLI). By facilitating such integrations, Movement Labs ensures that developers have the necessary tools to create secure, efficient, and versatile decentralized applications.

• Website:https://movementlabs.xyz/
• Developer Docs:https://docs.movementlabs.xyz/

Development of Actively Validated Services (AVS) Using Movement Labs and EigenLayer Technologies

Bounty Objective:

The goal is to challenge participants to leverage the unique capabilities of both Movement Labs and EigenLayer to develop AVS that enhance the Ethereum ecosystem. This includes using Movement Labs’ SDK or other technologies to foster seamless integration and functionality enhancement.

Bounty Description:

• Overview: This challenge invites participants to create AVS applications that utilize EigenLayer’s extensive features, including but not limited to restaking. Applications may include new virtual machines, data availability layers, oracle networks, bridges, and other innovative solutions that can operate under the shared security model of Ethereum, enhanced by EigenLayer.
• Technical Requirements: Submissions must integrate EigenLayer’s capabilities with Movement Labs’ technology stack, particularly the Movement SDK. Solutions should demonstrate how they utilize EigenLayer’s restaking and other AVS functionalities to extend security and operational efficiencies within the Ethereum ecosystem.
• Expected Outcomes: Projects should demonstrate practical applications of AVS in improving Ethereum’s scalability, and security, or adding new functionalities. The solution should showcase how the integration of Movement Labs and EigenLayer technologies can lead to significant enhancements in blockchain infrastructure.

Requirements for Participation:

• Participants must use the Movement SDK to develop their solutions.
• Applications should be deployable on Movement, making full use of their infrastructure and capabilities.
• Integration with EigenLayer's security features, like restaking, is encouraged to enhance application robustness and scalability.

Judging Panel and Criteria:

Overview: The judging panel will consist of industry experts with significant experience in blockchain development, smart contract security, and advocacy. Their role is to evaluate each submission based on the predefined criteria to ensure fairness and to identify projects that exhibit exceptional innovation, technical merit, and market viability.

Key Judge Introduction:

Name: Jordan Bishop

Title: Head of Advocacy, Movement Labs

Experience: With four years of extensive experience in blockchain development and smart contract security, Jordan has been instrumental in advancing Movement Labs' mission. As the Head of Advocacy, they facilitate all operations related to developer growth, including both internal and external initiatives aimed at enhancing the blockchain community's capabilities and integrating new technologies.

Name: Andy Golay

Title: Solutions Engineer, Movement Labs

Andy has developed multiple viral applications within the gaming and NFT sectors on the Sui platform before its mainnet launch. He possesses substantial experience in mathematics education, encompassing both teaching and curriculum development. Additionally, Andy owned a prosperous Web2 business for several years, where he managed SEO, web application development, and creative production for a six-figure digital downloads and coaching business that employed two people.

Judging Criteria for developers on movement:

• Innovation: Originality of the application and its potential impact on the blockchain ecosystem.
• Integration Quality: Depth of integration with EigenLayer’s and Movement Labs' technologies, demonstrating enhanced functionality and user experience.
• Market Viability: Relevance of the application in addressing real-world needs and its potential for widespread adoption.

Prize

Total Bounty: $3,500 USDC + $30K in later grants

• 1st Place: $1,750 + $10k grant to continue building (must deploy mainnet)
• 2nd Place: $1,000 + $10k grant to continue building (must deploy mainnet)
• 3rd Place: $750 + $10k grant to continue building (must deploy mainnet)

$500 for up to 10 honorable mentions

OpenLayer

Integrate with OpenLayer's oracle on Holesky testnet and request or use the provided commodity prices in the project.

Prize Amount: $1,000

• Docs: https://openlayer.gitbook.io/openlayer/get-started/openoracle/for-data-consumers

• Website: https://openlayer.tech

Brevis

Build Data-driven dApps with Brevis ZK Coprocessor

Bounty Description

Brevis allows smart contracts to trustlessly read historical on-chain states/tx/events and run customizable computations on top at low cost, enabling data-driven dApp UX. No ZK knowledge is required. Build with Brevis and win amazing prizes.

Prize Amount: To be announced later.

• What is required to complete this prize?

Developers are required to integrate Brevis SDK 2.0 into their dApps successfully. The dApps should access historical blockchain states, transaction and/or events, and run customized business logic/computation on those data through Brevis ZK Coprocessor.

The integration should be meaningful: accessing historical states that are also available in the current blockchain states does not count as successful integration.

To qualify for the first prize, the dApp must write customized and meaningful computation logic on the data accessed. Simply utilizing historical on-chain data without any computation does not qualify for the first prize.

We do consider partial or incomplete integration on a case-by-case basis. For submissions aiming to solve real-world use cases with a clear path towards full integration, we will most likely issue the full amount of the bounty.

• What does success look like? What are possible features that you are looking for?

Examples:

An good example of a successful integration is a trading-volume-based fee discount feature in Uniswap v4. You can find example code for this in the Brevis SDK repo.

To understand the core concept of Brevis and what sample apps you can build with it, we recommend reading this blog post.

Other examples and inspirations can be found in Brevis's blog and twitter. Specifically check out this introduction blog post

• What are the UI/UX Design Requirements

Basic UI is preferred to demonstrate the idea. However, it is not a hard requirement to qualify for bounties. We focus more on the core flow of integrating Brevis and the meaningfulness of such integration.

• What are examples of use cases you are looking to solve?

1. To understand the core concept of Brevis and what you can build with it, we recommend reading this Uniswap v4 hook example and this introduction blog post
2. Some specific ideas are: Uniswap v4 hooks based on traders' historical trading behaviors

Loyalty and user retention features in DeFi, gaming and others

User-gating features based on historical user behaviors

Trust-free active liquidity management solutions using Brevis to prove on-chain triggers

Smart wallet recovery features based on user behavior and on-chain financial connections

• How are you judging this bounty? What specific criteria do projects needs to be aware of?

Is the use case meaningful? Many top-tier DeFi protocols are already solving real-world challenges and implementing features that were not possible before using Brevis. We believe you can do that too. Therefore, we put the biggest weight on whether the submission actually aims to solve a real-world challenge or to build a useful feature through the paradigm-shifting power of ZK coprocessors. Therefore, we also accept partial implementation submissions.

Is the implementation complete? We also look at whether the implementation is well-executed. We are here to help.

Is the demo awesome? We put less focus on UI/UX. However, amazing demo always helps to deliver the idea better!

WitnessChain

a. DePIN: Usecases on WitnessChain

Dwell down on WitnessChain DePIN usecases, design your tech and product roadmap & pitch to the team

b. WitnessChain empowered Rollup Watchtower

This acts as part of Track 6 where developers can build and execute logic on dApps dictated by rollup state & do more with watchtowers.

Benefits:

• get a chance to join the team
• your project gets resources and incubation support from the team

https://docs.witnesschain.com/diligence-watchtowers/introduction

Polymer

Implementation Guide: Cross-Environment Operations Bridge

Prize Amount: $10,000

Objective:

Develop a operator registry and multisig contract that operates across Optimism and Base Sepolia using Polymer. This system should integrate a mechanism where Polymer-related events on Sepolia could theoretically trigger AVS-specific actions on Holesky (via off-chain event listeners or lite nodes). The full vision of this project will need to implement a two-part system: a operator registration and multisig contract on Optimism and Base Sepolia, and a parallel AVS management system on Holesky. These systems will interact with each other to send data, and ensure security measures across multiple chains. The Objective of this Hackathon bounty is to implement the first part of this system: an operator registration and multisig contract that operates across the Optimism and Base Sepolia networks using Polymer. This application is foundational, enabling the future integration of an AVS that will verify and potentially implement slashing mechanisms for disputed transactions.

System Overview:

The Polymer bounty project involves creating a cross-chain multisig contract that functions across Optimism and Base Sepolia using Polymer Hub. This will later enable an AVS to verify transactions and enforce security measures such as slashing in cases of disputes. Development Focus Areas: Polymer Cross-Chain Transactions: Implement and test secure cross-chain multisig transactions. Event Handling: Design mechanisms to handle events that are critical for multisig operations and future AVS integration.

Implementation Steps:

1. Multisig Application Deployment:

• Deploy a multisig smart contract on both Optimism and Base Sepolia that interfaces with Polymer’s infrastructure.
• Design the contract to handle cross-chain transactions and to be capable of initiating events that need to interact with the AVS system on Holesky.

1. Operator Registry Smart Contract: Create a smart contract that manages node operators' addresses and signatures across both chains, enabling secure operations and verification processes.
2. Documentation and Standardization:

• Document the entire process, focusing on the interaction between multisig transactions and AVS responses.
• Standardize the interface calls to align closely with IBC standards, ensuring that the system is robust and can be extended or adapted in the future.

Innovation:

This project addresses the foundation to integrate AVS’s into blockchain interoperability solutions. AVS’s can solve challenges of blockchain interoperability by enhancing both performance and security across different blockchain environments. Creating a multisig contract that communicates over two different blockchains, opens up possibilities for more complex and secure decentralized applications that can operate across multiple blockchain ecosystems, which can be secured through an AVS. Integrating and AVS not only adds additional security on-top of the multi-chain multisig, but also could improve the finality and speed of cross-chain transactions by pre-verifying transactions.

Full writeup here: https://forum.polymerlabs.org/t/hack-avs-polymer-bounty/746

Inco Network

Killer use case leveraging Confidential Compute

Prize Amount: $2,500

Bounty Description:

Utilize our cutting-edge FHE (fully homomorphic encryption) tech to deploy confidential smart contracts with our fhEVM (FHE + EVM). Solidity knowledge is all you need, as our fhEVM streamlines the cryptography complexities. Build confidential application on Inco.

What is required to compete in this prize?

To be competitive for this prize, the submission must leverage Inco and it's confidentiality in some function. The more unique and creative the application is, the better.

What does success look like?

Success for this track looks like building an application that leverages Inco in a significant and functional way. The application should be useable and should solve a pain point that is native to completely public blockchains. The solution should also show deep understanding of how Inco works and the problems that our tech addresses.

What are the UI/UX Design Requirements?

Optional, but a great way to get bonus points. For extra bonus points incorporate our brand colors, and design elements conducive with confidential blockchain.

What are examples of use cases you are hoping to solve?

Confidential payments, gaming, private voting, identity solutions leveraging FHE, data marketplaces. Find more here: https://fhevm-explorers.notion.site/fhevm-explorers/fhEVM-Novel-Use-Cases-c1e637b0ca5740afa7fe598407b7266f

Check out our docs for some example code: https://docs.inco.org/getting-started/example-dapps

Check out the Inco arcade for fully built applications using Inco: https://arcade.inco.org/

Winning teams have the opportunity to become part of our Builders Program. This program is led by a team of experienced Web3 veterans who possess deep expertise in the cryptocurrency industry. Participants will receive structured support, mentorship, and a chance for grant/funding, designed to enhance their project's success and growth within the Web3 ecosystem.

How will Inco be judging this track?

The submision will be judged on the creativity of the solution, the degree to which Inco was leveraged, and the scale of the pain point the solution solves.

Submission should include:

• List of team members
• Video demo (5min max)
• GitHub
• Clickable demo
• Short description of project and how it leverages Inco

Join our Discord here to ask our team any questions you have!