Overview

zkPull is a trustless open-source bounty and contribution protocol that enables developers to earn rewards automatically once their pull requests are merged, without relying on manual approvals or trusted intermediaries.

In today’s open-source and Web3 ecosystem, contributors often face delayed payments, manual verification, or complete uncertainty about whether their work will be rewarded. Bug bounties and contribution incentives typically require contributors to trust project owners or centralized platforms to release funds after work is completed.

zkPull removes this trust assumption by turning GitHub contributions into cryptographically verifiable, on-chain enforceable claims.

The Core Idea

zkPull connects three worlds that traditionally do not trust each other:

1. Off-chain developer work (GitHub)

2. Cryptographic verification (zkTLS)

3. On-chain enforcement (EigenLayer AVS)

With zkPull:

• Project owners create bounties linked to GitHub issues and lock rewards on-chain.

• Developers contribute by submitting pull requests as usual.

• Once a pull request is merged, the developer submits the PR URL.

• zkTLS generates a zero-knowledge proof that verifies the PR status and contributor identity without exposing sensitive data.

• An EigenLayer AVS (Actively Validated Service) validates the proof and enforces the result on-chain.

• Rewards become instantly claimable by the contributor — no manual fund release required.

Key Features zkPull

1. Trustless GitHub Bounties

zkPull allows project owners to create bounties directly linked to GitHub issues, with rewards locked on-chain from the start.

• Funds are escrowed at bounty creation

• Rules are enforced by smart contracts

• Contributors are protected from unpaid work

This removes the need to trust project owners or platforms to release funds manually.

2. zkTLS-Based Pull Request Verification

zkPull uses zkTLS (Zero-Knowledge Transport Layer Security) to verify off-chain GitHub data in a privacy-preserving way.

zkTLS proves:

• that a pull request exists

• that it is merged

• that it belongs to the correct repository and issue

• that the contributor identity matches

No GitHub access tokens or raw API responses are exposed.

3. Permissionless Reward Claiming

Once a pull request is merged, contributors can independently initiate reward claiming.

• No manual approval required

• No platform intervention

• No waiting for fund release

If verification succeeds, the protocol must pay.

4. EigenLayer AVS On-Chain Enforcement

zkPull integrates with EigenLayer Actively Validated Services (AVS) to enforce verification results on-chain.

• AVS operators validate zkTLS proof outputs

• Validation is decentralized and economically incentivized

• Payouts are censorship-resistant

This moves enforcement from a backend server to a decentralized operator network.

Smart Contract Deployment

MantleUSD (mUSD): 0x5ab8ddE10e31d503C5db1D734ca64dD2e0066d72

IssuesClaimWithAVS: 0x836112Af92dCA17D5a45d3b4Fc7E490eC6b4B36e

ZKPullAVS: 0x9d507b8c972ee303773Bd409cd56Ed1b37D67a10

Business Model, Revenue & Flywheel

Business Model

zkPull is designed as protocol-level infrastructure for open-source contributions and bug bounties.
The protocol automates verification and enforcement, not contributor labor.

Core principle:

zkPull only earns revenue when a contribution is successfully verified and paid out.

This aligns incentives across all stakeholders:

• Contributors get guaranteed payouts for valid work

• Project owners pay only for verified results

• Validators (AVS operators) are rewarded for correct enforcement

• The protocol sustains itself through usage-based fees

There are:

• no subscriptions

• no upfront listing fees

• no custody of user funds

Revenue Model

zkPull uses a success-based fee model applied only at payout time.

Protocol Fee

• 5% fee on each successfully claimed bounty

Example (1,000 mUSD bounty):

• 95% (950 mUSD) → Contributor

• 5% (50 mUSD) → zkPull protocol fee

Fee Allocation

From the 5% protocol fee:

• 60% → EigenLayer AVS operators (validation work)

• 40% → zkPull protocol treasury (maintenance & development)

Result:

• Validators are economically incentivized

• Protocol remains sustainable

• Contributors receive the full advertised reward net of protocol fee

Optional Extensions (Non-Core)

• Priority validation for high-value bounties (+1–2%, opt-in, paid by project owners)

• Enterprise / DAO integrations (custom deployments, off-protocol)

Core protocol usage remains permissionless and unchanged.

Flywheel (Growth Loop)

zkPull grows through a self-reinforcing incentive loop:

1. More Projects Create Bounties
   Funds are escrowed on-chain, increasing trust and visibility.

2. More Contributors Participate
   Trustless payouts reduce risk, increasing participation.
   Assumption: +10% projects → +15–20% contributors.

3. More Successful Claims
   Higher participation leads to faster issue resolution and more validated claims.

4. Protocol Revenue Increases
   Each successful claim generates a 5% fee.

5. AVS Operator Incentives Improve
   60% of fees reward operators, attracting more validators and increasing decentralization.

6. Higher Trust & Larger Bounties
   Strong enforcement enables higher-value and security-critical bounties.

7. Flywheel Repeats at a Higher Baseline

Illustrative Metrics

• +20% contributors → +25% successful claims

• +25% claims → +25% protocol fees

• Higher fees → stronger AVS participation → higher trust

Roadmap

Phase 0 — Hackathon MVP (Current)

Goal: Prove the core trustless contribution → reward flow.

What is already implemented:

• GitHub-based bounty creation

• zkTLS proof generation for merged pull requests

• EigenLayer AVS operator for on-chain validation

• Permissionless reward claiming

• Smart contract–enforced payouts on Mantle

Phase 1 — Protocol Hardening & Reliability

Goal: Make zkPull production-safe for real open-source usage.

Planned improvements:

• zkTLS proof format standardization

• Improved AVS task retry and fault handling

• Gas and latency optimization for validation flows

• Better error reporting for failed claims

Phase 2 — Multi-Contributor & Multi-Claim Support

Goal: Reflect real-world open-source collaboration patterns.

Planned features:

• Multiple valid PRs per issue

• Partial or split reward distribution

• Configurable claim limits per bounty

• Time-based or milestone-based rewards

Phase 3 — Decentralized Operator Expansion (AVS Scaling)

Goal: Reduce reliance on a single operator and improve decentralization.

Planned features:

• Multiple AVS operators per task

• Slashing and incentive mechanisms

• Operator reputation tracking

• Permissionless operator onboarding

External Links