BountyIOTA (part I)

Get paid to contribute to open source

Join the BountyIOTA Discord if you want to troll ;)

I have decided to make my proposal for “The Perfect Brainstorm” public to the IOTA community. The reason to do so is because I truly believe that the least important aspect of any project is not the “idea” by itself, but the capacity for a group of individuals to execute it and gather enough support and critic mass adoption around it.

With that, I’m not saying I have the intention of bring this idea forward and develop it into a reality. My only goal is to play the game proposed by the IF and imagine a platform that would both be a good example of use for IOTA and a good tool for the ecosystem. If the IOTA Foundation or the community decides that it is worth developing it, I’ll be happy to help. In any case, I had a lot of fun writing it and I hope, at least, it serves as an inspiration for other people to do the same.

Introduction

Open source projects need a way to attract contributors (developers, bug hunters, translators, etc) to donate their time and energy to help develop the technology further. Many of these projects organize bounty programs where they offer economical, professional or prize incentives in exchange for the contributions from the community. Usually these bounty programs are organized in a informal way (blog post, website, etc) or through a third party platform (bountysource, bugcrowd, etc). I believe that even though these ways of organizing bounty programs have been useful so far, they will be greatly benefited by taking advantage of the incentives that DLTs and specifically IOTA can offer.

Problems and current limitations

Transparency & trust — It affects specifically the bounty programs organized in an informal way (blog post, website, etc) because there is no way to guarantee the organizer has the required funds and/or prizes once the bounty gets claimed. It also affects third party platforms because, in many cases, they act as escrows and there is no way to know where or how the funds are kept. In both cases, there is a lack of transparency in knowing whether the funds have actually been paid to the contributor or not.

Intermediary fees — Both third party platforms and payment providers charge fees to allow payments and or to act as escrow while the bounty program is taking place. These fees can add up to 10% of the bounty price depending on the technologies and/or platforms used. This, not only limits the amount of money the bounty winner receives, but also restricts the kind of bounty programs that will make economic sense to organize especially when small bounties are involved.

Community engagement— In informally organized bounty programs, there is no way for the community or third party organizations to help fund specific projects or features by contributing to the bounty pool. Also it limits the capacity of the community to propose features and help incentivize their development.

Advanced payment structures — Technology limitations and/or fees limit complex reward systems where the funds can be distributed in a fairer and more transparent way when several stakeholders are involved. These limitations affect both the bounty claimer side and the backer/supporter side of the payment mechanics.

Current platforms and solutions

I am going to analyze some current platforms and solutions used to launch bounty programs, starting with the ones that are more closely related to my proposed solution.

BountySource.com

Third party platform that allows anyone to launch a bounty program or contribute to a program organized by someone else. It is the closest thing I’ve seen to my proposed solution, but they act as escrow for the funds and charge a 10% fee when withdrawing funds. They are also starting to accept crypto but only as a means of payment and they convert to fiat right away. They also did an ICO and created their own token to use as currency for the system. I don’t share the vision of creating a token as it adds complexity and volatility to the system. I believe using IOTA as the backbone would be a much better solution and it would bring transparency, trust and eliminate intermediaries.

BugCrowd.com, HackerOne.com or Synack.com

Third party platforms mainly focused on responsible disclosure of security vulnerabilities. They allow organizations to launch bug bounty programs and they act as escrow for the funds. They are a very good solution for organizations that want a fast and private vulnerability disclosure, avoiding bad actors taking advantage of such vulnerabilities before they get fixed. There is no public pricing model available but we assume they charge the organization depending on the use of the platform.

Proposed solution

Read about my proposal in Part II of this article.

If you want to give me your feedback or just troll about this, you can do so in the BountyIOTA Discord.