Open in app

Sign in

Write

Sign in

Intuition | V1 Contracts | Audit Competition

Welcome, finally, to the Intuition System.

0xbilly
0xIntuition
5 min readJun 21, 2024

--

Hello, world!

After a long and challenging journey, Intuition is excited to announce that we are nearing the launch of what we have dubbed the ‘Intuition Beta’. This milestone is the result of countless hours of dedication, intensive development, community support, and the overcoming of innumerable obstacles. Our team and our community have worked tirelessly to bring this vision to life, ensuring that every aspect of the platform meets the highest standards of excellence.

In anticipation of this significant achievement, we are preparing to release the initial iteration of the Intuition system’s core smart contracts. As part of this process, we are thrilled to announce our smart contract audit competition, in partnership with Hat Finance. This competition marks a crucial step in our journey, as we invite the community to help us ensure the security and robustness of our platform.

At Intuition, security, resilience, and the protection of user funds are our utmost priorities. We understand that in the world of decentralized finance, the trust of our users is paramount — and with this, we will be taking every reasonable measure possible to maintain that trust.

With this, we invite YOU to participate in helping bring this vision to life — in the safest way possible — by competing in our audit competition, for a chance to win $28,000 in prizes. The competition will kick off today, June 21st at 15:00 GMT, and run until July 5th, 2024, at 15:00 GMT. Whether you are an experienced security professional or just beginning your journey, this is an excellent opportunity to showcase your skills, earn rewards, and be an early member of the Intuition family.

Overview

Starting today, a new vault called “Intuition” is available on the Hats dApp. Participants are invited to scrutinize the contracts for vulnerabilities, with rewards distributed based on the severity of the issues discovered. We welcome hackers of all experience levels, and rewards will vary according to the severity of each vulnerability identified.

Intuition is an Ethereum-based attestation protocol that makes it easy to create, explore, and incentivize verifiable information. By default, attestations reside on an open social knowledge graph, allowing any developer and its users to harness the wisdom of the crowds.

The Intuition Protocol differentiates itself through a novel architecture that decouples “statements” from “attestations”, allowing for many-to-one relationships between “identities” (also referred to as ‘Atoms’ in the contracts) and “claims” (also referred to as ‘Triples’ in the contracts) and enabling the easy integration of game-theoretic incentive mechanics to encourage useful data contribution. To unlock this many-to-one capability, Intuition allows system participants to ‘Stake’ on Identities (Atoms) and Claims (Triples), which acts as signaling of a user’s level of conviction about the relevance of an Identity, or their level of conviction that a Claim is True or False.

To achieve this functionality, a core component of the Intuition contracts is the concept of the ‘Multi Vault’. In Intuition, each Identity and each Claim has associated ‘Vaults’, through which users can stake/unstake ETH. Due to the high number of vaults required for this architecture and the associated gas costs, the Intuition contracts draw inspiration from a blend of ERC 1155 and ERC 4626 to create a ‘MultiVault’ — a contract which is capable of handling any arbitrary number of Vaults (as opposed to a factory pattern wherein a new contract would need to be deployed for each Vault).

Acting as a Verifiable Data Registry for Identity and Claim state, this smart contract state stores crucial information including the URIs of Atoms/Triples, the intricate relationships between them, and current stakeholder positions, forming the nodes and edges of the knowledge graph. In contrast, the off-chain Verifiable Data Registry maintains the properties of these nodes and edges, creating a comprehensive and interconnected data structure.

Aside from EthMultiVault, the AtomWallet contract is a foundational element of the Intuition protocol, acting as an abstract account (wallet) linked to a specific atom. Leveraging account abstraction standard ERC-4337, Atom Wallets give every Atom in the Intuition system their own wallet. Upon instantiation, Atom Wallets are owned by the Intuition protocol. In future versions of Intuition, recovery methods will be introduced that allow users who can prove rightful ownership over an Atom to ‘recover’ the wallet of an Atom. For instance — if an Atom is representative of a Youtube video published by User X, if User X can prove that they are the publisher of the Youtube video, they will be able to recover the wallet of the Atom.

If any of this sounds interesting to you, we highly encourage you to get involved!

Competition Details

  • Scope: Participants will work with approximately 969 Source Lines of Code (SLOC) in Solidity. Ensure you have ETH to submit your reports.
  • Submission: Multiple reports can be submitted in a single transaction using the plus button in the submission interface.
  • Communication: Join the dedicated Discord channel on the Hats server to stay updated on the competition’s progress, interact with the team, and get your questions answered.

Rewards and Point Calculation

The competition’s prize pool is $28,000 in USDC, after a 20% service fee ($35k total). Rewards are based on the vulnerabilities’ severity, categorized as Low, Medium, or High.

Reward Distribution

  • Low Severity: Up to 400 USDC per submission (1 point)
  • Medium Severity: Up to 3200 USDC per submission (8 points)
  • High Severity: Up to 6400 USDC per submission (16 points)

Timeline

  • Winner Announcement: Winners will be announced ten days after the competition concludes.
  • Dispute Period: After the winner announcement, submitters can raise disputes and seek clarification from the committee team. The Hats security team will ensure a fair and professional review of disputed entries.
  • Reward Distribution: Between 7 and 14 days following the announcement, a split contract will be published for winners to claim their rewards.
  • Service Fee: A 20% service fee will be deducted from the payout.

Eligibility for Rewards

Bounties will not be awarded for the following known issues:

  • Problems highlighted in previous audit reports.
  • Vulnerabilities that have already been publicly disclosed, whether by HATs or third parties.
  • Risks of centralization that are recognized and/or intentionally embedded in the protocol
    (e.g., an admin has the capability to upgrade key contracts and misappropriate funds).
  • Exploits that necessitate access to leaked private keys or trusted addresses.
  • Gas optimizations
  • Issues or contracts are specified in the out-of-scope section.

Keep up to date

This competition marks the first step in our journey towards a full production launch, which will follow shortly after the audit concludes. We are incredibly excited about what we’ve been building and are eager to share it with the world. Our vision for Intuition is bold, and we are committed to making it a reality.

We invite you to join us on this transformative journey as we strive to reclaim digital and data sovereignty and revolutionize how society interacts. Stay connected with us through our official channels linked below, where you’ll find the latest updates, insights, and opportunities to engage with our community.

Good luck, and may the odds be ever in your favor 🤝

Guild · Twitter · Discord · Website · LinkedIn · Lenster · Mirror

-0xbilly & the Intuition team

Ethereum
Audit
Web3
Identity
Attestation Services

--

--

0xbilly
0xIntuition

Written by 0xbilly

322 Followers
Editor for

poorly formed/communicated thoughts regarding questionable topics https://intuition.systems/

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams