BugBounty AI: Decentralized Audit Marketplace

About the Project

The immutable nature of blockchain technology inspired us to build DeAudit.

Problem: Smart contracts, once deployed, cannot be altered. Vulnerabilities in code often lead to significant financial losses.
Reality: 47% of web3 hacks in 2022 were due to contract vulnerabilities. Only 52% of exploited projects were audited.
Need: Traditional auditing processes are expensive, slow, and inaccessible to many emerging projects. We envisioned a participative, decentralized solution where the audit process is democratized and incentivized.

FLOW :-

Smart Contracts:
- Written in Solidity and deployed on the Polygon network using Hardhat for development.
- Contracts handle pools (YesBugs and NoBugs), bug validation, and fund distribution.
Specialized Language Model (SLM):
- AI model trained on datasets like Solidity codebases, bug reports, and vulnerability disclosures.
- Designed to assist auditors by suggesting potential vulnerabilities and prioritizing critical areas.
Frontend:
- Built with Next.js, ChakraUI, and Sass for a seamless user experience.
- Integrated RainbowKit and wagmi.sh for wallet connectivity.
Backend:
- Express.js server powered by Supabase for off-chain data storage.
- Key off-chain data is later moved to IPFS for decentralization.
Decentralized Governance:
- Chainlink VRF ensures unbiased jury selection.
- A 3/5 multisig mechanism empowers the jury to validate reported bugs.

We aim to:

Implement stricter background checks and decentralized governance for jury selection.
Store all supplementary data on IPFS for complete decentralization.
Create NFTs for contracts verified as bug-free, adding an extra layer of trust.
Expand our frontend dApp by migrating to TypeScript for scalability.

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.