Journey of a fresh Kleros Token Curated Registry bounty hunter

9 min readJan 10, 2020

Kleros decentralized dispute resolution.

A bit of context

So, what is the Kleros TCR (Token Curated Registry) about? It is a community verified list of tokens complying with a set of listing criteria. Anyone can propose a token to the list, you just need to stake some Ethereum to do so (you get it back if no one challenges your submission or if you win the challenges).

Submission is subject to a 5-day probationary period during which it can be challenged by anyone who feels it doesn’t match the listing criteria. Provided it clears, the token is then registered. You can get full detailed explanation on how the Kleros TCR works here.

That said, the Kleros team initiated a new bounty program worth 1 Million PNK to boost submission incentive for a 3 months’ period. (check the bounty details here). Similar to a reward system, the more tokens one gets registered, the more PNK one receives. I decided to take part in that hunt.

At this point, I must add that, although I have been a juror since the very beginning of Kleros (the Doge trial), I never submitted any token (nor Doge picture) until this bounty.

Summary figures

I submitted 88 tokens during these three months, 87 of which have made their way to the registered status (out of a total of 135 which have been approuved for the bounty).

I was challenged 5 times, on submissions n°19, 22, 23, 34 & 48.

I was rewarded with approximately 645,000 PNK (around $4,500 at the time of writing).

Beginning the hunt

At first, I was not aiming at submitting more than a dozen tokens and i just wanted to focus on some of the blockchain projects I was following: fair enough, one could say!

From the beginning, I was being very cautious about sticking to the required criteria for the token inputs — Asset name, Ethereum contract address, asset ticker name and compliant png logo picture — as I was well aware the community has a high exigency level for the TCR and is eager to have a polished tokens list (and to grab some incentives by challenging too, obviously).

**Bounty is over:** @kokialgo found the 4 tokens not submitted by me and won **5000 PNK**.

Quite rapidly (maybe 8 tokens submissions later), I noticed that the TCR twitter bot used to notify submissions wasn’t working properly, missing a lot of token announcements. This bot is a key feature for the community to be aware of submissions and, if it fails, submissions may rather easily fly under the community radar.

I decided to wave the team about the issue while pursuing my hunt (foolish me! Handing to the crowd the Justice Hammer to get me challenged!).

However, I achieved my first goal (remember, a dozen token submissions) in a pretty effortless way, without being challenged, and I found myself very enthusiastic about taking the bounty experience to another level:

Hitting maximum tokens submissions

My strategy for risk management for this was to allocate a maximum of 4 Eth to the task (allowing for potential challenges). Thus, I was in position to keep a cruising speed of one token submission by day.

To keep track of all my submissions (including their status), I was also maintaining a manual handwritten record (why would I do that at a digital era ?? Search me!).

Come on, not even trying with some google sheet ??

At this point, I accumulated a lot of confidence in submitting tokens. I remained very vigilant about being in line with the listing criteria, but I did not really have any kind of rigorous verifying protocol and figured this should not be too difficult to achieve. Until…

Submission 19 got challenged, “OVCode”, the lowercase issue

First challenge out of nineteen submissions, so I was not too disappointed even though the challenge was about deciding which was the most used asset name regarding 3 lowercase “ode” letters:

OVCode or OVCODE ?

I defended my case and the jurors’ decision ended in a DRAWN (So-so! a drawn implies submission being rejected). Anyway, my semi-satisfaction did not last very long as the challenger appealed rapidly (damnit!). All my task-allocated Eth being busy into other submissions, I was unable to fund myself and the token was eventually rejected.

The OVCODE challenge did not prevent me from going on with submissions meanwhile, but soon…

Submission 22 got challenged, “BlockMason Credit Protocol”, the uppercase issue

Somewhat annoying as it was very close to the previous challenge and was again on the basis of the most used asset name for a petty uppercase “M” letter (come on, cut me some slack about those names!).

BlockMason Credit protocol or Blockmason Credit protocol ?

I defended my case and the jurors decision ended in my favor with a “YES, ADD IT” (yeah!). But again, short lasting joy, case was appealed, my bounty allocated Eth were busy, could not fund myself* and token was eventually rejected (damnit!).

*In case of an appeal, it is an automatic case fail for the unfunded side whatever was jurors previous decision.

Did this second challenge stop or even slow me down? No. Commitment at work here!

But, still, I was a bit bothered, wanting to rush into next submissions and to put this challenge behind me. Quite the big mistake, leading me to omit the basic duplicate control, which consists in checking to ensure the token you’re about to submit isn’t already listed, and…

Submission 23 got challenged, “XYO Network”, the duplicate token issue

This challenge on XYO Network occurred quite swiftly and, of course, irritated me regarding my own negligence. This case is covered straightforwardly as it was obviously undefendable and resulted in the token being rejected.

It is now time for a quick sumup with some figures

One month into the bounty at this point, and I submitted 23 tokens so far while being challenged 3 times in a short time frame.

I lost my Eth stakes on those three cases, which was not far from a 1.5 Eth loss, thus reducing a lot my submission cruising speed (remember, only 4 Eth allocated to the task). Down to 2.5 Eth still available for submissions since the challenge on my 23rd submission.

But I kept going forward anyway with a special focus on the asset name to avoid, at most, potential uncertainty that would lead to new challenges (remember, the Kleros community is closely watching your submissions, at least when the twitter bot is fully functional).

Resolution taken: I will not get caught again on asset names!

Indeed…

Submission 34 got challenged, “Morpheus.Network”, the logo issue

I hesitated a little before validating the transaction of this submission, a small voice telling me to think twice about potential attack angles on the image: i swept those doubts aside and eventually clicked the metamask button.

I really should have listened to that tiny voice because the challenge on the Morpheus.Network token submission happened: the argument was about the logo that would not be compliant to the listing criteria due to 2 slim grey lines at the bottom of the symbol. Those lines were representing the 2 letters’ shadows.

This time, the case generated a lot more interest from the community, community which was divided on whether there was an issue or not with that image regarding listing policies. A lot of discussions went on on the telegram channel dedicated to jurors and, more generally, talking about cases: https://t.me/klerosjuror

2 community groups naturally emerged:

One considering submission was outrageously violating the rules and lead by community member Mars Roberson (@marsxr on telegram).

The other one defending that the logo was clearly respecting the criteria and lead by Kleros team developer Ferit (@ftunc on telegram).

Evidence were presented by both sides (you can check this on the TCR token details here). Battle raged during 3 rounds with 2 appealed sessions:

Round 1 — 3 jurors involved, verdict “DRAWN” (So, meaning a token rejection, damnit!).

Round 2 — 7 jurors involved, verdict “YES, ADD IT” (So, favoring me, yeah!).

Round 3 — 15 jurors involved, verdict “YES, ADD IT” (So, in my favour again, yeah!).

You can check those rounds on the blockchain of course and with the case explorer facility “Kleroscan” developed by community member Marc Zeller (please, someone help me convince him to give it a sexier look!).

So this time the submission went through the challenge and was approved.

Moreover, as I was able to contribute a little in the second appeal funding, i won some Eth back, restoring some submission cruise speed.

End of the hunting journey

From this last challenge, I decided to implement a stricter set of rules to select the tokens to submit with the goal of limiting challenge opportunities to a minimum.

These rules are quite simple but following them helped me to get 87 tokens registered in the end. Keep in mind that these rules apply in a context where you want to submit as many token as possible without being challenged too much. If you want to submit a particular token, you can take more time to do it safely.

So, here we go, grab a list of ERC20 tokens and:

1- Check for duplicates on the TCR (Yeah, do not miss that point).

2- Check the smartcontract on Etherscan.

3- Look for any token migrations or token swaps, passed or running: even though token swaps are not clearly forbidden within the listing criteria, it can be a weakness and induce a challenge, so drop the token if it is the case.

4- Check the asset name and see if there is any doubt on it: drop the token if there is no clear consensus over their website, media channels and exchange listings, avoid any token with a name including “token” or “coin”.

5- Check the logo, you need a clear consensus on its global use: drop the token if different logos are used even involving tiny differences such as colors.

6- Find good quality logos strictly respecting listing criteria especially the transparent background and the size: ask the project team, look for projects media kits, logo from websites, track them on google image, convert svg to png, crop if necessary to be sure logo takes the most part of the image, zoom to detect pixelated parts.

To conclude the trip, I had an ultimate challenge on my way to the end of the bounty period concerning the “LocalCoinSwap” token submission (n°48), but it was most likely a listing rules misunderstanding from the challenger and the case was easily won on my side.

Final words

I found bounty very enticing and challenging, and somewhat fell in a submission race.

Was it easy money ? Not at all!

It took me dedication and a lot of work to ensure solid submissions. Sometimes, I was able to find a fitting token in 10 minutes whereas it could take me several hours reviewing tokens for nothing.

Kleros wise, the decentralized dispute resolution protocol provided by the project and relying on game theory, Shelling point and incentives is amazing and, as far as I am concerned, has proven its efficiency with use cases like the Token Curated Registry (I have now been experiencing both juror and submitter sides on this matter).

The Kleros Team 2020 roadmap is promising and one should check it carefully here.

To conclude, there is a little PNK bounty hidden somewhere in the story: be the first to PM me the correct answer through telegram (@Presence_Numerique) and get the reward (one guess by person).

PNK Bounty Update: We already have a winner, community member Koki (@kokialgo) found the 4 tokens and won the 5000 PNK, congratulations! Check the transaction on the blockchain.