Verify DKIM Signatures: Announcing the Bounty Winners
Last month, we issued a thrilling bounty on Gitcoin. The winners are now announce, and it’s time to reflect on the experience.
When we first talked to the Gitcoin team about the latest coding bounty we published on the platform, they were thrilled by our idea. We tasked engineers with the challenge to come up with a way of verifying DKIM signatures generated by Gmail or other providers.
Initially, we offered a prize of 1,800 DAI (~$1800 USD) which we then increased to 2,000 DAI — but Gitcoin decided to chip in and we ended up paying out a total of 2,500 DAI to three winners! Congratulations to developers RideSolo, bakaoh and nionis — you guys did fantastic work!
Ethereum UX is often challenging, and a lot of decentralized apps end up with a user experience that is not exactly ideal because of various technological constraints.
Let me give you an example. A couple of weeks ago I had to reboot my hardware wallet, and I had to enter my seed phrase. I did it, entering one word from the phrase, confirming with a button, entering the next one, confirming by clicking on a button again, and so on. It took a while. Then I got an error message that my seed phrase didn’t match. Frustrated, I typed it in again, word after word, and got the same error message. At this point I began to worry something was wrong with my seed phrase and for a brief moment, I imagined losing access to all of the assets I kept on that wallet. It nearly gave me a heart attack. Only on the third try did I realize that I had failed to see the message on top of it, asking me to enter the seed phrase words in a particular order. The whole thing took me nearly half an hour and some noticeable frustration. There must be a way to avoid this, right? Right. Back to the bounty challenge.
Our bounty allows users to sign up to Ethereum applications with an email and a passphrase — and then securely recover their account even if they forget their passphrase. Such technology brings users а familiar sign up process without compromising security. The login credentials recovery feature is something to be greatly appreciated by anyone who has had to type seed phrases again and again to regain access to a decentralized service (the author of this piece included).
The submissions
When we first issued the challenge, we honestly did not expect to receive three independent full submissions — but we did!
We judged them on a number of criteria:
- README and presentation;
- Tests: how easy were they to run and their quality;
- Algorithm/provider support;
- Gas usage score;
- Correctness and security;
- Elegance, simplicity and readability;
- Bonuses — OSS contribution, demo;
- “Real world”/adaptability score.
All three winners scored exceptionally well on these. RideSolo’s solution was exceptionally good in algorithm support: it was the only solution to implement ed25519, which makes it future proof; also, it had an incredibly detailed test suite which compared off-chain results to on-chain results, and tested failing cases too (incorrect signatures). The submission of nionis impressed us with good gas cost results and bonuses for having a demo app and OSS contributions. The work of bakaoh got bonus points for security and the general quality of their code.
The takeaways
We can’t emphasize enough how happy we are to see such interest in the bounty — getting the community exciting about fantastic tech reinforces our belief in the Web3 ecosystem (not that we need any reinforcement, really). It is always electrifying to see the community come together and build things that will bring the world a better, cleaner, much more secure and privacy-focused web — we all know we desperately need it.
We also like to use this opportunity to share our excitement about the Gitcoin model and the fantastic results we’ve seen so far from our interaction with the platform and the people on it. We consider Gitcoin to be a meeting point for great minds united by a common goal — and the platform has never disappointed.
In fact, it is there that we met one of our team members, Sam; a curious bit of company trivia is that he submitted work on an earlier challenge we issued, and later on we invited him to join team AdEx full-time.
The Gitcoin team has always been incredibly responsive to our suggestions and feedback, and has gone the extra mile to make our experience as pleasant and hassle-free as it could be. We can’t wait for the next project on which we collaborate with them!
