WorkPassport

Problem Statement

Remote work is global, but proving your work history isn't. Workers struggle to verify past employment when applying across borders, and employers can't trust unverified credentials. Meanwhile, cross-border payments take days and eat up fees.WorkPassport solves this with cryptographically signed work credentials stored on-chain. Employers verify their companies through AI, issue EIP-712 signed credentials, and lock PYUSD payments in escrow. Workers instantly claim their credentials and payments—no intermediaries, no delays.The system runs two autonomous AI agents: one continuously verifies company legitimacy using OpenAI, the other monitors credentials for fraud patterns. Every credential is immutably stored on Ethereum, with salary information encrypted via Lit Protocol so only the worker can decrypt it.Workers can also connect their GitHub to showcase their open-source contributions with rich profile analytics. Everything is transparent and verifiable through Blockscout's transaction tracking. All credential issuance and payment is visible on-chain.We built this because remote work shouldn't have borders, and proving your skills shouldn't require begging old employers for reference letters.

Solution

We built WorkPassport over 16 intense days, and honestly, getting everything to work together was way harder than we expected.The core is built with Next.js and TypeScript, connecting to Ethereum Sepolia for on-chain storage. We use EIP-712 typed data signatures so credentials are cryptographically verifiable. Employers sign them with their wallets, and anyone can verify the signature matches the issuer.For payments, we integrated PayPal's PYUSD stablecoin with a custom escrow smart contract. When an employer issues a credential, they can lock PYUSD in escrow. The worker claims it by proving ownership of the credential hash on-chain. This eliminates payment delays and currency conversion fees for remote workers.The AI agents were the trickiest part. We built two autonomous agents that run 24/7 in the background. The Company Verifier Agent polls Supabase every 15 seconds for pending company verifications. When it finds one, it uses OpenAI's GPT-4o-mini to analyze the company name, website, and LinkedIn profile. We made it lenient for demos but strict enough to catch obvious fakes. It auto-approves legitimate companies and flags suspicious ones.The Credential Monitor Agent checks for newly issued credentials every 30 seconds. It analyzes them for fraud patterns like unrealistic skill combinations or suspicious timing, verifies them on-chain, and tracks employer reputation scores. If something looks fishy, it flags the credential and alerts us.The agents use ts-node with a custom tsconfig to access our Supabase client and OpenAI API. Getting them to read .env.local was a pain. We had to manually configure dotenv to load the right file since Node.js doesn't auto-detect it like Next.js does.For sensitive data, we use Lit Protocol to encrypt salary information. Only the worker's wallet can decrypt their own salary. Not even the employer can read it after issuing the credential. This was harder than expected because Lit's session signatures kept expiring, so we had to implement proper session management.Blockscout SDK integration lets users track their transaction history directly in the app. We added custom notification toasts that pop up whenever a transaction is submitted. Clicking them opens Blockscout to see the full details. This made the UX way smoother than constantly checking Etherscan manually.The GitHub integration was fun. We use OAuth to connect users' GitHub accounts, fetch their repos and commit history, then visualize it with recharts. We cache the data in localStorage to avoid rate limits since GitHub's API is strict about requests.The hackiest part? Real-time verification updates. When a company gets verified by the AI agent, we need the frontend to instantly unlock the Issue Credential button. We originally used polling, but it felt clunky. So we added a custom event listener that fires whenever the verification status changes, triggering an immediate UI update. It's not the most elegant solution, but it works perfectly.Database schema was tricky too. We have tables for credentials, company verifications, employer reputation, and agent action logs. The credentials table stores both the plain credential data and the encrypted salary field. We use Supabase's RLS policies to ensure workers can only see their own credentials.The UI is all Tailwind with custom dark theme variables. We kept it minimal and focused on clarity. No fancy animations, just clean cards and clear status indicators. The verification badges use green for verified companies, which shows up everywhere from the employer dashboard to worker credential cards.One thing we're proud of is the entire flow works end-to-end without any centralized backend. The AI agents run separately, but the core app is fully decentralized. Credentials live on-chain, payments go through smart contracts, and verification happens autonomously.Biggest challenge? Time. We wanted to add worker reputation scores and credential revocation, but ran out of runway.