Bounty Hunters

Problem Statement

Bounty Hunters - Social-Fi on World ChainThe best social-fi app on the World App MiniApp store!What is Bounty Hunters?Bounty Hunters is a social finance platform that connects brands with verified humans to amplify their message on social media - all powered by World ID and World Chain.How It WorksFor Brands (Bounty Creators):Verify as Human - Use World ID to prove you're a unique, real personCreate a Bounty - Set up a social media campaign: - Choose your budget (in WLD or USDC) - Set number of participants (1-5 bounty hunters) - Define requirements (hashtags, mentions, duration) - Upload a cover imageFund on Blockchain - Your bounty is secured on World ChainWatch It Spread - Bounty hunters promote your message across social mediaFor Bounty Hunters (Participants):Verify as Human - World ID ensures only verified humans can participateBrowse Active Bounties - Find campaigns that interest youSign Up - Reserve your spot (limited participants per bounty)Complete the Task - Post on Twitter/X with required hashtags/mentionsSubmit Proof - Link your tweet to claim your rewardGet Paid - Receive WLD or USDC directly to your walletKey Features🌐 Built on World ChainAll bounties are smart contracts on World ChainTransparent, verifiable, and trustlessInstant crypto payouts✅ World ID VerificationOnly verified humans can create or participateNo bots, no fake accountsFair distribution of rewards💰 Crypto RewardsEarn WLD or USDC for social engagementRewards based on total budget / number of participantsHigher follower counts = potential multipliers📊 Real-Time TrackingDashboard shows your earnings from blockchain eventsTrack pending and completed bountiesView submission history🎯 Simple & EffectiveCreate bounties in minutes2-5 participants per bounty for focused campaigns24h to 1 week duration optionsWhy Bounty Hunters?For Brands:Authentic social proof from verified humansCost-effective compared to traditional adsBlockchain-verified engagementFor Users:Earn crypto by sharing content you believe inFair compensation (no bot competition)Build your social presence while earningTechnology StackWorld ID - Human verificationWorld Chain - Blockchain infrastructureSmart Contracts - Secure bounty managementMiniApp - Native World App integrationSupabase - Real-time data storageBounty Hunters turns social engagement into verifiable value, powered by World ID and World Chain.

Solution

How It's Made - Bounty HuntersTechnical Architecture & ImplementationBounty Hunters is a full-stack social-fi application built on World Chain, leveraging cutting-edge Web3 technologies and innovative approaches to gasless token transfers.World Coin MiniKit SDK IntegrationWe deeply integrated the World Coin MiniKit SDK to create a seamless native experience within the World App. Key implementations include:WalletAuth: Automatic wallet authentication on app launch, eliminating manual connection stepsWorld ID Verification: Implemented MiniAppVerifyActionPayload with verification levels to gate bounty creation, ensuring only verified humans can create campaignsIn-App Transaction Signing: Used MiniKit.commandsAsync.sendTransaction() for native transaction flows without external wallet popupsReal-time Balance Fetching: Integrated wallet balance hooks that query World Chain directly through MiniKit's RPC providerThe MiniKit SDK was crucial for creating a mobile-first experience where users never leave the World App ecosystem.Smart Contract Architecture with Permit2Our bounty contract implementation uses Permit2's SignatureTransfer mode - a particularly hacky and innovative approach that solves a critical UX problem:The Problem: World App blocks approve() calls for security, making traditional ERC20 token flows impossible.Our Solution: We implemented Permit2's signature-based transfer system: function _collectERC20Funds( PaymentType paymentType, uint256 totalNeeded, uint256 fee, uint256 permitDeadline, bytes calldata permitData, uint256 permitNonce ) internalThis allows gasless, approval-free token transfers. The World App backend automatically generates and injects Permit2 signatures using the PERMIT2_SIGNATURE_PLACEHOLDER_0 pattern. Users can create bounties with WLD or USDC without any prior token approvals - the signature handles everything in a single transaction.Notable Hack: We separated the Permit2 signature deadline (max 1 hour due to World App limits) from the bounty deadline (up to 7 days), allowing long-duration bounties while maintaining security.Hardhat Development & TestingWe used Hardhat for our entire smart contract development lifecycle:Solidity 0.8.20 with OpenZeppelin and Solmate librariesComprehensive test suite (BountyModulePermit2.t.sol) testing all edge cases:Permit2 signature validationMulti-token support (ETH, USDC, WLD)Payout fee calculationsReentrancy protectionDeployment scripts for World Chain mainnetABI generation automatically exported to frontend (BountyModule.json)The contract uses ReentrancyGuard from Solmate and SafeTransferLib for gas-optimized, secure token transfers.Twitter Scraper Backend (Python/FastAPI)Built a FastAPI backend (bounties_api.py) that serves as the off-chain coordination layer:Tweet validation: Scrapes and validates submission tweets against bounty requirements (hashtags, mentions)Supabase integration: Real-time database for bounty submissions, participant tracking, and metadataImage upload: Handles bounty cover images via Supabase StorageReward multiplier calculation: Dynamically adjusts payouts based on Twitter follower counts (1x to 3x multipliers)Two-phase submission flow: a. User signs up (reserves spot) b. User submits tweet URL (validated and approved)Blockchain Event ListenerWe built a custom event listener service that monitors World Chain for BountyPayout events:const logs = await client.getLogs({ address: CONTRACT_ADDRESS, event: parseAbiItem('event BountyPayout(...)'), args: { recipient: walletAddress }, fromBlock: 'earliest' })This provides source-of-truth earnings data directly from the blockchain, displayed in the Rewards dashboard. We use viem for efficient event querying and decode wei amounts to human-readable token values.Notable Technical DecisionsUUID to Bytes32 Encoding: Bounties are identified by UUIDs in Supabase but stored as bytes32 on-chain. We wrote custom encoding functions to bridge these systems.Direct Supabase Integration: The MiniApp connects directly to Supabase using RLS (Row Level Security) policies, eliminating unnecessary API middleware.Dual Deadline System: Bounties can last 7 days, but Permit2 signatures expire in 1 hour. This creative split maintains UX while respecting World App's security constraints.Zero-Approval Token Transfers: By leveraging Permit2's SignatureTransfer mode, we achieved the holy grail of Web3 UX - one-click token transactions without approvals.Tech Stack SummaryFrontend: React + TypeScript + ViteBlockchain: Solidity, Hardhat, Permit2, World ChainBackend: Python FastAPI, Supabase (PostgreSQL)Web3 Libraries: viem, @worldcoin/minikit-jsSmart Contract Libraries: OpenZeppelin, SolmateTotal Development: 3000+ lines of TypeScript, 500+ lines of Solidity, 400+ lines of Python, all orchestrated to create a seamless social-fi experience on World Chain.