
Anti-Abuse System

The Threat

Operator finds a bug → kills the pool to avoid sharing → submits the finding under a different identity → steals the full bounty.

Defense Layers

1. 30-Day Watch Window

When an operator kills a pool:

  • The operator × target combination is watched for 30 days
  • Any finding on that same target within 30 days triggers an automatic dispute
  • No exceptions. Automated enforcement.

2. Minimum Compute Burn

  • 40% of compute must be spent before a kill is allowed
  • Prevents operators from creating pools, quickly peeking at results, and killing early
  • Ensures meaningful work was done before termination

3. Timing Correlation

  • Finding appears on source platform suspiciously close to a pool kill? Auto-flagged for review
  • Correlation analysis compares pool activity timestamps with source platform submissions
  • No wallet linking needed — timing patterns are the signal

4. Community Reporting

  • Sponsors can open disputes with evidence
  • Crowdsourced watchdog — the community has financial incentive to catch cheaters
  • 3+ flags on an operator = automatic review and temporary suspension

5. Reputation Nuke

If caught:

  • Permanent ban from the platform
  • All pending earnings frozen
  • Public shame on profile (visible to all users)
  • Stake slashed (100% of collateral)

The penalty is designed to be so severe that the attack is never worth attempting, regardless of bounty size.

6. Finding Hash Commitment

  • Cryptographic proof that findings existed within the pool at a specific time
  • If the same finding appears from a "different" hunter, the hash proves the pool had it first
  • Can be used to dispute with the source platform directly
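One way such a commitment could work, shown as an added example that is not Prowl's own code. The page does not specify the scheme, so HMAC-SHA-256 with a random nonce, the function names, the record layout and the `anchored_at` timestamp source are all assumptions.

```python
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

def canonical(finding: dict) -> bytes:
    # Stable byte encoding so key order or whitespace cannot change the digest.
    return json.dumps(finding, sort_keys=True, separators=(",", ":")).encode("utf-8")

def commit(finding: dict, nonce: Optional[bytes] = None) -> Tuple[str, bytes]:
    # A random 32-byte nonce keeps short or guessable reports from being
    # brute-forced out of the published digest. Publish the digest, keep the nonce.
    nonce = nonce or secrets.token_bytes(32)
    digest = hmac.new(nonce, canonical(finding), hashlib.sha256).hexdigest()
    return digest, nonce

def verify(digest: str, nonce: bytes, finding: dict) -> bool:
    # Reveal step: recompute from the opened finding and nonce, compare in constant time.
    expected = hmac.new(nonce, canonical(finding), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, digest)

def pool_had_it_first(record: dict, nonce: bytes, finding: dict,
                      rival_submitted_at: int) -> bool:
    # record["anchored_at"] is ASSUMED to come from an append-only log the
    # operator cannot backdate; a self-reported timestamp proves nothing.
    return (verify(record["digest"], nonce, finding)
            and record["anchored_at"] < rival_submitted_at)

# Constructed sample data (not from the page).
SAMPLE_FINDING = {"target": "target-A", "pool_id": "pool-17",
                  "report": "constructed sample report text"}

if __name__ == "__main__":
    digest, nonce = commit(SAMPLE_FINDING)
    record = {"digest": digest, "anchored_at": 1_700_000_000}
    # Rival submission one day after the anchored commitment.
    print(pool_had_it_first(record, nonce, SAMPLE_FINDING, 1_700_086_400))
    # Any edit to the report after commitment fails verification.
    print(verify(digest, nonce, {**SAMPLE_FINDING, "report": "edited after the fact"}))
```

The digest only binds the pool's own report text, so a resubmission worded differently will not hash to the same value. The dispute rests on opening the commitment and comparing the revealed report against the later submission.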

Kill Rate Tracking

  • Operator kill rates are tracked and visible on their profile
  • Too many kills = red flag for sponsors
  • Pattern of kills followed by same-target submissions = automatic investigation

Prowl Protocol — Decentralized AI-Powered Bug Bounty Platform