1️⃣ Multisig Member Wallet Addresses:
- The wallet addresses of all multisig members will be listed in this section.
- You can choose whether to publicly associate these members with the project or keep them anonymous by using aliases.
- Name, Twitter, and Pictures:
- You can also assign names, Twitter handles, and pictures for each member. This can either reflect individual committee members or represent the project itself (e.g., using the project’s name, logo, and Twitter handle).
2️⃣ PGP Keys:
- At least one committee member must have a PGP key.
- By clicking on the relevant field, you'll be redirected to a PGP generator to create a pair of public and private keys.
- Once generated, download these keys to your local machine and store them securely in your browser.
- The public PGP key is used to encrypt reports and for processing the final payout.
- For audit competitions, you’ll likely use the PGP key only for payouts, as submissions are typically made public.
- For bug bounty competitions, all reports are encrypted, and you will need the PGP key to decrypt these submissions.
- This step ensures that any encrypted messages (including submissions and reports) are sent to the appropriate committee members through notifications received via email.
3️⃣ Non-Multisig Committee Members:
- You have the option to add committee members who are not part of the multisig. These members won’t have the ability to modify the vault or sign payments.
- These could be previous auditors or external developers you trust.
- In Hats competitions, we often add developers’ PGP keys to assist with the payment process if needed.