Table of Contents
BNB Chain 2024 Q3 Hackathon – Annual Sponsors
Polyhedra
Challenge: zklightclient for BSC
In this challenge, you will need to use zero-knowledge proof to prove the correct execution of the VerifyHeader function.
Rewards
- Total Reward: $5,000
- 1st Place Winner: $3,000
- 2nd Place Winner: $1,500
- 3rd Place Winner: $500
Goal
You need to be able to prove the correctness of one BSC blockheader using Expander by implementing your code in Gnark and compiling it through the Expander Compiler Collection.
Documentation
Please refer to the following resources for detailed information and guidelines:
Submission
Participants are expected to submit the following:
- Project Description: A brief overview of your project and its objectives.
- Technical Documentation: Detailed documentation of the code, architecture, and any other technical aspects.
- Demo Video: A short video demonstrating the functionality and features of the project.
- Source Code: The complete source code of the project, uploaded to a public repository (e.g., GitHub).
- Submission Links: Provide your GitHub repository link, a link to your project presentation in PPT format, and a link to your demo video. Email these links to [Email Address TBD].
- Completion Document: A document describing which components of the project you have finished and which are not.
Judging Criteria
Projects will be judged based on the following criteria:
- Performance: How well does the project perform in terms of speed, efficiency, and reliability?
- Completeness: Are all required features and functionalities implemented and working correctly?
- Extension Functionality (Bonus): Are there any additional features or functionalities that go beyond the basic requirements?
Contact
If you have any questions or need further assistance, please reach out to us in Discord at https://discord.gg/polyhedra-network.
Dora Factory
Challenge: A-MACI Circuit Bug Bounty
A-MACI (Anonymous Minimal Anti-Collusion Infrastructure) is one of Dora Factory’s solutions to address the scalability issues in decentralized governance, such as quadratic governance. Based on Zk-SNARK/PLONK, it ensures privacy for on-chain voting by offering credible results without public voting details, preventing voter verification and collusion. Voting details are hidden from administrators, enabling a trustless, anonymous voting mechanism and allowing anyone to become an A-MACI operator.
The circuit is the most crucial part of a Zk-SNARK system. If there are issues with the circuit, such as missing necessary constraints, it could provide attackers with means to forge proofs, compromising the system’s security.
If you can find bugs in the circuit and even provide solutions, you can receive a bounty reward.
Reward
Minor Bug: $300 each
Major Bug: $1500 each
Contact
Please contact @dorahacksofficial via Telegram for any questions regarding the bounty.
Diego.Finance
Challenge: Integrating AI and Gaming with the BNB Chain and other protocols to attract a new generation of unique users.
Integrating AI and Gaming with the BNB Chain and other protocols to attract a new generation of unique users.
Reward
- Dego.Finance will grant a $1,000 token bounty for deploying applications onto Testnet, and the top three solutions will receive a $3,000 token bounty for their exceptional features.
- Applications that continue development and launch frontends and commit to mainnet deployment will be considered for a $5,000 token grant.
- Teams interested in participating are encouraged to contact contact@dego.finance to discuss more tailored grants, feedback, and support.
Goal
To discover the optimal solution for integrating AI and Gaming with the BNB Chain and attracting a new generation of unique users to the BNB Chain and other protocols. This involves leveraging the potential of gaming within the blockchain ecosystem to create immersive and engaging experiences.
Judging Criteria
- Innovation and Creativity: The integration of AI and Gaming with the BNB Chain and other protocols will be evaluated based on how innovative and creative the solution is.
- Solutions that introduce new concepts or significantly improve existing ones within the blockchain gaming ecosystem will score higher.
- Technical Implementation: Judges will assess the quality of the code and documentation provided in the GitHub link. The solution should leverage the capabilities of the BNB Chain and other protocols effectively. Additionally, the solution’s deployment and functionality, as demonstrated by the product URL, will be crucial factors.
- User Experience and Engagement: The gaming experience created by the solution will be judged on its ability to engage and immerse users. Solutions that effectively attract and retain a new generation of unique users will be rated higher.
- Practicality and Usability: Practicality and usability in real-world scenarios are important criteria. The solution should be scalable and sustainable in the long term.
- Impact on the Blockchain Ecosystem: The solution’s contribution to the growth and development of the BNB Chain and the broader blockchain gaming ecosystem will be considered. Solutions that promote broader adoption of blockchain technology will be favored.
THENA
Challenge: Memecoins for Good
“Memecoins for Good” is this quarter’s theme focus with an emphasis on creating memecoins that leverage THENA’s innovative ve3,3 gauge voting system. The memecoin concepts should embody the spirit of community building, fair distribution, and charity.
Goal
- The goal is to design a memecoin that:
- Utilizes THENA’s ve3,3 gauge voting system.
- Incorporates a charity element within its tokenomics.
- Ensures fair distribution among the community.
- Promotes the ethos of building for the greater good.
Requirements
- Tokenomics Integration:
- Gauge Voting System: The memecoin should integrate THENA’s ve3,3 gauge voting system to incentivize liquidity and community engagement.
- Charity Element: A percentage of each transaction should automatically be allocated to a charity wallet. The community will vote on which charities receive the funds through the gauge voting system.
- Fair Distribution:
- Initial LP Lock: The initial liquidity pool (LP) must be locked for a minimum of 12 months to ensure stability and trust.
- Fair Launch: Implement mechanisms such as airdrops, staking rewards, and public sales to ensure wide and fair distribution of tokens.
- Anti-Whale Mechanisms: Introduce features to prevent large holdings by single entities, ensuring decentralization.
- Community and Transparency:
- KYC Requirements: The project team must complete KYC with either THENA or BNB Chain to ensure transparency and legitimacy.
- Charity Voting: Allow the community to vote on charity allocations, fostering a sense of ownership and responsibility.
Reward
Total Prizes: $10,000 plus a veTHE allocation for the winning project(s).
Submission Guidelines
- Deadline: Submissions must be received by [specific date].
- Requirements: Detailed project plan, tokenomics, smart contract prototype, and KYC completion.
- Evaluation Criteria: Innovation, integration of ve3,3 system, charity impact, community engagement, and fair distribution mechanisms.
Expected Timeline
Q3 2024: Concept development and submission.
Q4 2024: Finalization and launch of the winning project(s).
Sonorous
Challenge: Gamifying Music and Music Production
As the music industry continues to evolve, there is a growing interest in making music creation and production more engaging and accessible. Gamification, the process of incorporating game design elements into non-game contexts, offers a unique opportunity to revolutionize how music is created, learned, and shared. By integrating gamification with blockchain technology, we can create a more interactive and rewarding experience for both amateur and professional musicians.
This challenge invites innovators to submit product proposals and/or business plans for a platform that gamifies music and music production. The goal is to develop a solution that leverages game mechanics to make music creation fun and educational, encourages community participation, and ensures fair rewards and recognition for creators through blockchain technology.
Goal
- Interactive Learning: Develop interactive tutorials and challenges that guide users through the basics of music theory, composition, and production. Use game mechanics such as levels, badges, and leaderboards to motivate users and track their progress.
- Collaborative Gameplay: Create features that allow users to collaborate on music projects in a game-like environment. Incorporate multiplayer modes where users can work together to complete music challenges or compete in music production contests.
- Reward System: Implement a blockchain-based reward system that recognizes and rewards users for their contributions and achievements. Use tokens or NFTs to provide tangible rewards that can be traded, sold, or used within the platform.
- Community Engagement: Foster a vibrant community where users can share their creations, provide feedback, and participate in community-driven events. Use gamification elements to encourage active participation and collaboration.
- Personalized Experience: Utilize AI to offer personalized recommendations and challenges based on the user’s skill level, interests, and progress. Ensure that the platform is accessible and engaging for users of all ages and backgrounds.
This challenge aims to create a platform that not only makes music production more accessible and enjoyable but also fosters a sense of community and rewards creativity. By gamifying the music creation process and integrating blockchain technology, we can inspire a new generation of musicians and producers to explore their creativity in a fun and rewarding way.
Judging Criteria
- Innovation and originality of the proposed solution.
- Practicality and feasibility of implementation.
- Potential business value or social impact.
Reward
First Prize: $5,000 in $SNS tokens. Awarded to the entry that best meets the challenge criteria, showcasing exceptional innovation, feasibility, and potential for user engagement.
Second Prize: $2,000 in $SNS tokens. Given to the runner-up entry that demonstrates significant innovation and alignment with the challenge goals but falls just short of the top spot.
Q3 Sponsors
Stakestone
Challenge: STONE Use Case
Encourage the creation of innovative use cases for STONE token for payments, through new strategies and mechanisms. Find the best way to use StakeStone to give users a similar experience like a flexible, high yield saving account, where users can spend the funds in the saving account as it accumulates yield (example: Yeahpay).
Judging criteria
- Innovation and originality of the proposed solution (60%)
- Practicality and feasibility of real-world implementation through documentation, code or powerpoint slides (20%)
- UX design quality, engagement potential, code quality to smart contract best practices; whichever is most relevant (20%)
Problem description:
STONE is a highly utilized liquid ETH solution. This challenge explores how STONE can be used in payment ways. To date, our team has built STONE integrations across DeFi, AI, CeFi, payments and GameFi. We are looking for new solutions that show innovative use cases of STONE that are attractive and can drive mass adoption. Who should we partner with that we haven’t? How should we think about liquidity, scaling and UX for a high yield savings account powered by StakeStone?
Learn more about STONE on our developer documents here: https://docs.stakestone.io/stakestone
If you need any tech support or more details, feel free to contact us on our Discord or community Telegram.
Submission Requirements
GitHub link (including documentation, code, deployment status, and product URL if applicable)
Reward
- Awards: $10,000 USD worth of STONE tokens
- 1st prize: $5,000 USD worth of STONE tokens
- 2nd prize: $3,000 USD worth of STONE tokens
- 3rd prize: $2,000 USD worth of STONE tokens
MyShell
Challenge: Open, AI together – AI Apps Building & Bidding
Join this innovative App Store on MyShell to build and invest in advanced AI apps on BNB Chain. Bid on utility-driven apps using bonding curves for significant profit potential.
Reward:
Total: $40,000 with 4 prize pools for Patrons and Developers:
- Trading Return Champions:
- first place $2000,
- second place $1600,
- third place 1000,
- fourth to tenth place each $300.
- Trading Volume Champions:
- first place $2000,
- second place $1600,
- third place 1000,
- fourth to tenth place each $300.
- AI App Developer Champions:
- first place $2000,
- second place $1500,
- third place 1000,
- fourth to tenth place each $300.
- AI Widget Developer Champions:
- Top 40 winners will each receive $500 for submitting a high-quality, open-source AI model (Wiget on MyShell) during the Hackathon.
Submission Requirements
Users are required to submit their MyShell wallet or account (1 wallet/account per participant). All data will be recorded and counted at mid or end of September.
Judging Criteria:
- Return rate
- Total trading volume
- AI app bonding curve holders
- AI widget quality
Hacken
Challenge: Address Poisoning Attack Detector
Address poisoning or address spoofing is an attack vector that targets users through poor transaction history display on Wallet/Explorer interfaces and user oversight in transaction hygiene. An attacker monitors on-chain activities to identify wealthy users, manipulates user addresses by making the first and last bytes identical, and then sends transactions or generates fake events to the user’s wallet, expecting the user to inadvertently use a copied address from their transaction history.
Reward:
Prize-1: $3,500
Prize-2: $1,500
Submission Criteria
A functional detector capable of either replaying transactions from known previous attacks or identifying address poisoning attacks in real-world scenarios.
Judging Criteria
The top prize will be awarded to a functional code that detects attack preparations and sends alerts to potential victims via Extractor. The next prize will go to a detector that successfully identifies replays of previous attacks.
Relevant documents:
https://github.com/haas-labs/ext-sentinel-py-sdk
Other Information:
- Address Phishing (Poisoning) Sentinel
- Exploiter can “mine” Addresses (finding private key which corresponding public key address has the same bytes in the beginning and the endObfuscated address would look absolutely identical to “trimmed” address.
- Attack Example
Many explorers and wallets “trim” 20 bytes Ethereum address to the first and last 2-3 bytes. Example: 0xdAC17F958D2ee523a2206206994597C13D831ec7Trimmed: 0xdAC1…31ec7 Example in Metamask:
Result: https://etherscan.io/tx/0x3374abc5a9c766ba709651399b6e6162de97ca986abc23f423a9d893c8f5f570
- Preparation:
Legitimate transaction: https://etherscan.io/tx/0xb18ab131d251f7429c56a2ae2b1b75ce104fe9e83315a0c71ccf2b20267683acFrom: 0x1E227979f0b5BC691a70DEAed2e0F39a6F538FD5To: 0xd9A1b0B1e1aE382DbDc898Ea68012FfcB2853a91Value: 0.05ETH
Phishing transaction:https://etherscan.io/tx/0x87c6e5d56fea35315ba283de8b6422ad390b6b9d8d399d9b93a9051a3e11bf73From: 0xd9A1C3788D81257612E2581A6ea0aDa244853a91To: 0x1E227979f0b5BC691a70DEAed2e0F39a6F538FD5
Phishing transaction (Fake Events):https://etherscan.io/tx/0x9147d74ef5749b7f27eb2e2528e5a611060b3f609b435f7f50ac87f49e5b957c
- Detecting Address Phishing flow
- Constantly build and update “Whale” addresses dataset.
- Whale address is an address which holds tokens balances (+ native token balance) above configurable threshold (e.g. $100K)
- Only selected Tokens should be queried (like top 100 from Coingecko)
- Whale addresses can be stored in HaaS Labels DB with a tag e.g. “whale”
- Sentinel monitoring should cache whales dataset and periodically update it
- Balance calculations can be done in the following ways:
- Transaction monitoring: If address is present in transaction (to/from), call Node to get its native balance and all tokens. This can be expensive, but very real-time
- Transaction monitoring + Events monitoring. Native tokens balance is still detected by matching “to” and “from” and updating “value”. ERC20 tokens monitoring is done by monitoring Events (should check Events of ALL transactions since transfers can happen from contracts). This is much cheaper since no Node interaction is required and still real-time
- Periodic (~1 hour) update of all addresses from Node balances
- Periodic (~ several hours) update from indexing services like Dune
- Scan for all Events in every transaction and try to match “similarity” (first and last 2-4 bytes match agains Whale addresses) in ERC20 tokens transfer events
- Scan for all Transactions and try to match “to” field similarity (first and last 2-4 bytes match agains Whale addresses)
- Alert with information about “Whale victim”, “Phishing Initiator” address and other metadata
- Constantly build and update “Whale” addresses dataset.