pull down to refresh
140 sats \ 4 replies \ @nullcount 18 Feb \ on: Looking 👀 for a Bitcoin-based bug bounty solution. bitcoin
I like "vote with sats" machanic as a way to prioritize features. But there's a lot of trust involved with actually paying out the reward.
Why wouldn't I just wait for dozens of submissions and pick the best one?
Who decides whether the bounty is 100% complete?
What if multiple people complete the bounty? Who decides which person should receive the reward? Should you split the reward?
The kind of mercenary devs that seek bounties probably aren't going to convert to long term contributors of your projects.
LLMs can ingest your requirements and instantly give you a code submission for insanely cheap.
Robosats has a bounty program. Its all handled by github issues. They just have a markdown file that tracks all the active bounty issues in a table. You complete the issue, send an LN invoice and get paid if they want to pay you :)
Trust is definitely the main concern.
The company's reputation could be leveraged in this process. If the bounty is clearly defined with specific milestones and KPIs, that might be sufficient.
To manage participation, a whitelist can be implemented. This means that anyone wanting to take part in a specific bounty must be approved by the bounty organizer. Additionally, the number of whitelisted participants working on a bounty can be publicly displayed.
The bounty itself should be complex enough to deter mercenary developers while incentivizing high-quality contributors.
reply
Sounds like employing a contractor with extra steps...
reply
Community builders != contractors
The goal here is to incentive the community around a project. People can top up the sats vault for a specific feature. Other can help. Collaborative tool with Bitcoin rewards.
reply
Hence, the extra steps...
reply