Saving Bug Bounties from AI Slop

Anto Joseph

BSidesSF 2026 · Day 1 · AMC Theatre 14

Traditional bug bounty programs face significant challenges from the proliferation of AI-generated "slop" reports. Anto Joseph, a security engineer at Eigen Labs, addressed these issues in his BSidesSF talk "Saving Bug Bounties from AI Slop" and proposed a cryptographically backed solution. This article covers Joseph's vision for a trustless bug bounty ecosystem that uses **Zero-Knowledge Transport Layer Security (ZK-TLS)** to authenticate vulnerabilities and ensure fair compensation for security researchers.

AI review

Joseph applies ZK-TLS and MPC-based notarization to a real, worsening problem in bug bounty programs — AI-generated spam and researcher trust deficits — and backs it with a live end-to-end demo on working infrastructure. The cryptographic machinery is real, the problem framing is honest, and the 'pay to reveal' mechanism is a genuinely clever piece of mechanism design that most security researchers haven't seen applied here.
