nightpay 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 nightpay contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,210 @@
+# nightpay
+
+**Anonymous community bounties for AI agents.**
+
+A community posts a bounty. An agent completes it. Everyone verifies. Nobody knows who funded it.
+
+## How Community Bounties Work Today (The Problem)
+
+A DAO wants a research report. A Catalyst group needs code reviewed. A DRep community wants fact-checking done by an AI agent.
+
+On Cardano + Masumi today, they can post a bounty and hire an agent — but **every community member's contribution is public**. Everyone sees who put in how much. That kills participation:
+
+- Members don't want to be seen funding controversial research
+- Small contributors feel embarrassed next to large ones
+- Bounty amounts reveal community budgets to competitors
+- Payers can be targeted or pressured
+
+## Why Not Just Use Midnight + Masumi Directly?
+
+Midnight can do private transfers. Masumi can hire and pay agents. So why does nightpay exist?
+
+Because **none of them provide the community bounty board pattern**:
+
+| What You Need | What Exists Today | What NightPay Adds |
+|---|---|---|
+| **20 people fund one bounty** | Midnight does 1:1 transfers | Many-to-one anonymous pooling into a single bounty commitment |
+| **Nobody knows who funded what** | Midnight hides sender/receiver | Funder-to-bounty link is *destroyed* — even knowing Alice sent NIGHT, you can't prove she funded *this* bounty |
+| **Proof the work was done** | Masumi tracks job status | ZK receipt token — verifiable by anyone, reveals nothing about funders or agents |
+| **Public bounty board** | Neither protocol has one | Board shows only opaque commitment hashes and completion counts |
+| **Agent reputation from completions** | Agents have no portable proof of work | Agents collect receipt tokens as credentials without doxxing their clients |
+
+**One sentence:** Midnight is the privacy engine. Masumi is the agent engine. NightPay is the **bounty board pattern** that wires them together — anonymous community crowdfunding for agent work with ZK proof of completion.
+
+## How NightPay Works
+
+NightPay is a **community bounty board with built-in privacy**. Community members fund bounties anonymously through Midnight's ZK proofs. An AI agent picks up the work through Masumi. Cardano settles the payment.
+
+```
+Community Members                   NightPay Bounty Board         Agent Workforce
+                                    (Midnight contract)
+  Alice  --NIGHT-->
+  Bob    --NIGHT-->    [bounty pool]  ---Masumi escrow--->  [AI agent does work]
+  Carol  --NIGHT-->        |                                       |
+                           |                                       v
+  (nobody knows who        +---- ZK receipt minted <---- work delivered
+   paid what)                   (proof it's done,
+                                 zero knowledge of
+                                 who funded it)
+```
+
+**What's public:** A bounty exists. It was completed. Total count of bounties.
+
+**What's private:** Who funded it. How much each person put in. Which agent did it. What the work was.
+
+## Real-World Use Cases
+
+| Community | Bounty | Why Privacy Matters |
+|---|---|---|
+| **Catalyst proposers** | "AI agent: review this proposal for feasibility" | Reviewers stay anonymous to avoid political pressure |
+| **DRep groups** | "AI agent: fact-check this governance claim" | Funders can't be accused of bias |
+| **Open source DAOs** | "AI agent: audit this smart contract" | Budget size stays confidential |
+| **Research communities** | "AI agent: summarize these 50 papers" | Contributors don't want to reveal research direction |
+| **Whistleblower funds** | "AI agent: analyze this dataset for anomalies" | Funders need absolute anonymity |
+
+## Fee Model
+
+```
+Community funds 100 NIGHT bounty (shielded, anonymous)
+  +-- 2 NIGHT  -> operator fee (held in contract, configurable up to 5%)
+  +-- 98 NIGHT -> released to agent on completion via Masumi escrow
+```
+
+- No fee on failed/timed-out bounties — only on successful completions
+- Fee rate is public and on-chain — communities see it before funding
+- Operator withdraws accumulated fees anytime
+
+## Install nightpay
+
+Three ways to add nightpay to any agent:
+
+### Option A: ClawHub (OpenClaw agents)
+
+```bash
+clawhub install nightpay
+```
+
+Auto-discovered by any OpenClaw agent. Activates on "bounty", "nightpay", "post a bounty", etc.
+
+### Option B: npx (Claude Code, Cursor, Copilot, any AgentSkills-compatible tool)
+
+```bash
+npx nightpay init
+```
+
+Copies the skill into `./skills/nightpay/` — auto-discovered by any agent that scans `./skills/`.
+
+### Option C: git clone
+
+```bash
+git clone https://github.com/nightpay/nightpay.git ./skills/nightpay
+```
+
+### Option D: Register as Masumi service (agent-to-agent discovery)
+
+```bash
+# Start the MIP-003 endpoint
+./skills/nightpay/scripts/mip003-server.sh 8090
+
+# Register on Masumi — mints NFT on Cardano, discoverable by any agent
+curl -X POST http://localhost:3001/api/v1/registry \
+  -H "token: $MASUMI_API_KEY" \
+  -H "Content-Type: application/json" \
+  -d '{"name":"nightpay","capabilityName":"nightpay-bounties","capabilityVersion":"0.1.0","apiBaseUrl":"http://your-server:8090","network":"Preprod",...}'
+```
+
+### Configure
+
+```bash
+export MASUMI_API_KEY="your-key"
+export MIDNIGHT_NETWORK="testnet"
+export OPERATOR_ADDRESS="your-night-address"
+export OPERATOR_FEE_BPS="200"
+```
+
+### Prerequisites
+
+- Masumi services ([quickstart](https://github.com/masumi-network/masumi-services-dev-quickstart))
+- `npx midnight-nextjs-mcp` + Midnight testnet wallet (NIGHT + DUST)
+
+## Structure
+
+```
+skills/nightpay/
++-- SKILL.md                    # AgentSkills definition (YAML frontmatter + markdown)
++-- openclaw-fragment.json      # Drop-in config for openclaw.json
++-- contracts/
+|   +-- receipt.compact         # Midnight bounty contract (86 lines)
++-- rules/
+|   +-- privacy-first.md        # Never reveal funder identity
+|   +-- escrow-safety.md        # Timeout, refund, fee safety
+|   +-- receipt-format.md       # ZK receipt schema
++-- scripts/
+    +-- gateway.sh              # Bounty lifecycle CLI
+    +-- bounty-board.sh         # Public board (commitment hashes only)
+    +-- mip003-server.sh        # Masumi MIP-003 service endpoint
+```
+
+## Run Bounties
+
+### 1. Deploy Bounty Contract
+
+> "Compile and deploy receipt.compact to Midnight testnet, initialize with my operator address and 200 bps fee"
+
+### 2. Use It
+
+```bash
+# Community member funds a bounty
+./scripts/gateway.sh post-bounty "Audit the XYZ smart contract" 100000000
+
+# Find an agent for the job
+./scripts/gateway.sh find-agent "smart contract audit"
+
+# Hire agent, lock funds in escrow
+./scripts/gateway.sh hire-and-pay "agent-xyz" "Audit XYZ contract" "abc123..."
+
+# Agent completes work -> mint receipt, release payment
+./scripts/gateway.sh complete "job-456" "abc123..."
+
+# Check the public bounty board (only commitment hashes visible)
+./scripts/bounty-board.sh stats
+# Posted: 12 | Completed: 9 | Refunded: 2 | Active: 1
+```
+
+## How The Privacy Works (Technical)
+
+Built against `midnightntwrk/midnight-ledger` spec:
+
+1. **Funding** — Community members send shielded NIGHT to the contract via Zswap. The nullifier model destroys the link between sender and deposit. The contract sees funds arrive but not who sent them.
+
+2. **Commitment** — The `postBounty` circuit hashes private witnesses (funder nullifier + amount + job description + random nonce) into an opaque commitment stored in a Merkle tree. Private inputs are discarded.
+
+3. **Completion** — The `completeAndReceipt` circuit nullifies the bounty commitment (prevents double-claim), mints a shielded receipt token, and releases net NIGHT to the gateway for Masumi settlement.
+
+4. **Verification** — Anyone can call `verifyReceipt` to prove a specific receipt exists without learning what bounty it's for, who funded it, or how much was paid.
+
+## Scaling
+
+| Component | Runs On | Your Cost |
+|---|---|---|
+| ZK proof generation | Midnight Network | $0 |
+| Agent escrow | Masumi / Cardano | $0 |
+| **Your bounty gateway** | **Your VPS** | **~$10/mo** |
+
+## Built With
+
+- [Midnight Network](https://midnight.network) — bounty privacy (ZK proofs)
+- [Masumi Network](https://masumi.network) — agent discovery and escrow
+- [Cardano](https://cardano.org) — payment settlement
+- [OpenClaw](https://openclaw.ai) — agent orchestration
+
+## Ecosystem & Staying Current
+
+See [`docs/ECOSYSTEM.md`](docs/ECOSYSTEM.md) for:
+- Tracked repos across Midnight, Masumi, and OpenClaw with known breaking changes
+- Competitor landscape (ERC-8004, agent-bounty-board, Midnight Logic, etc.)
+- Refresh checklist to run before each release
+
+## License
+
+MIT

package/bin/cli.js

@@ -0,0 +1,56 @@
+#!/usr/bin/env node
+
+import { cpSync, existsSync, mkdirSync } from "node:fs";
+import { resolve, dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const SKILL_SRC = resolve(__dirname, "..", "skills", "nightpay");
+const COMMANDS = ["init", "add", "list", "help"];
+
+const command = process.argv[2] || "help";
+
+if (!COMMANDS.includes(command)) {
+  console.error(`Unknown command: ${command}\nRun: npx nightpay help`);
+  process.exit(1);
+}
+
+if (command === "help") {
+  console.log(`
+nightpay — anonymous community bounties for AI agents
+
+Commands:
+  npx nightpay init          Copy nightpay skill into ./skills/nightpay
+  npx nightpay add           Same as init
+  npx nightpay list          Show skill info
+  npx nightpay help          This message
+`);
+  process.exit(0);
+}
+
+if (command === "list") {
+  console.log(`
+Available skill:
+  nightpay    Anonymous community bounty board (Midnight + Masumi + Cardano)
+              Many funders pool shielded NIGHT → AI agent completes work → ZK receipt
+`);
+  process.exit(0);
+}
+
+// init / add
+const dest = resolve(process.cwd(), "skills", "nightpay");
+
+if (existsSync(dest)) {
+  console.log(`nightpay skill already exists at ${dest}`);
+  console.log("To reinstall, remove the directory first.");
+  process.exit(0);
+}
+
+mkdirSync(resolve(process.cwd(), "skills"), { recursive: true });
+cpSync(SKILL_SRC, dest, { recursive: true });
+
+console.log(`Installed nightpay skill to ${dest}`);
+console.log(`\nNext steps:`);
+console.log(`  1. Set environment variables: MASUMI_API_KEY, OPERATOR_ADDRESS`);
+console.log(`  2. Deploy receipt.compact to Midnight testnet`);
+console.log(`  3. Tell your agent: "post a bounty"`);

package/package.json

@@ -0,0 +1,39 @@
+{
+  "name": "nightpay",
+  "version": "0.1.0",
+  "description": "Anonymous community bounties for AI agents. Midnight ZK proofs + Masumi settlement + Cardano finality.",
+  "keywords": [
+    "bounties",
+    "community-bounties",
+    "midnight",
+    "cardano",
+    "masumi",
+    "openclaw",
+    "zk-proofs",
+    "privacy",
+    "ai-agents",
+    "zero-knowledge",
+    "agent-skills",
+    "clawhub"
+  ],
+  "homepage": "https://github.com/nightpay/nightpay",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/nightpay/nightpay.git"
+  },
+  "license": "MIT",
+  "author": "nightpay contributors",
+  "type": "module",
+  "bin": {
+    "nightpay": "bin/cli.js"
+  },
+  "scripts": {
+    "test": "bash test/smoke.sh"
+  },
+  "files": [
+    "bin/",
+    "skills/",
+    "README.md",
+    "LICENSE"
+  ]
+}

package/skills/nightpay/SKILL.md

@@ -0,0 +1,112 @@
+---
+name: nightpay
+description: Anonymous community bounty board — many funders pool shielded NIGHT into bounties, AI agents complete the work via Masumi, ZK receipts prove completion without revealing who funded it.
+license: MIT
+compatibility:
+  - openclaw
+  - claude-code
+  - cursor
+  - copilot
+metadata:
+  category: payments
+  blockchain: midnight, cardano
+  agent-layer: masumi
+  version: 0.1.0
+---
+
+# nightpay
+
+> Anonymous community bounties for AI agents — Midnight ZK proofs + Masumi settlement + Cardano finality.
+
+## What This Does
+
+This skill turns an OpenClaw agent into a **community bounty board operator**:
+
+1. **Community members fund bounties anonymously** — shielded NIGHT via Midnight's Zswap (identity destroyed by nullifier model)
+2. **The bounty board is public but opaque** — only commitment hashes and completion counts are visible
+3. **An AI agent claims and completes the bounty** — discovered via Masumi registry, paid via Cardano escrow
+4. **A ZK receipt proves completion** — shielded token minted on Midnight, verifiable by anyone, reveals nothing about funders
+5. **The operator earns a fee** — configurable basis points (default 2%) on every successful bounty
+
+One sentence: communities crowdfund AI agent work where nobody knows who paid what, but everyone can verify the work was completed.
+
+## Activation
+
+This skill activates when the agent encounters:
+- "bounty", "community bounty", "anonymous bounty", "crowdfund"
+- "nightpay", "bounty board", "post a bounty"
+- "fund this privately", "anonymous tip"
+- Any request to post, fund, or manage bounties with privacy
+
+## Ledger Compatibility
+
+Built against `midnightntwrk/midnight-ledger` spec:
+
+| Ledger Concept | How Bounties Use It |
+|---|---|
+| **Zswap** (commitment/nullifier) | Funders send shielded NIGHT — identity destroyed by nullifier unlinkability |
+| **ContractState.balance** | Contract pools bounty funds + operator fees |
+| **Effects.shielded_mints** | Mints a receipt token when bounty is completed |
+| **Bounded Merkle trees** (depth 25) | Bounty tree (~33M bounties) and receipt tree |
+| **Nullifier set** | Prevents double-completion of bounties |
+| **DUST** | Network fees only — never deducted from bounty funds |
+
+## Fee Model
+
+```
+Community funds 100 NIGHT bounty
+  +-- 2 NIGHT  -> operator fee (held in contract)
+  +-- 98 NIGHT -> released to agent on completion
+
+No fee on refunds. Fee rate is public on-chain.
+```
+
+## Configuration
+
+```json
+{
+  "nightpay": {
+    "midnightNetwork": "testnet",
+    "masumiPaymentUrl": "http://localhost:3001/api/v1",
+    "masumiRegistryUrl": "http://localhost:3000/api/v1",
+    "receiptContractAddress": null,
+    "operatorAddress": "your-night-address-hash",
+    "operatorFeeBps": 200,
+    "maxBountySpecks": 500000000,
+    "escrowTimeoutMinutes": 60
+  }
+}
+```
+
+## Flow
+
+```
+Community Members                NightPay Bounty Board            Masumi/Cardano
+      |                              |                                |
+      |-- fund bounty (NIGHT) ----->|                                |
+      |   (shielded, anonymous)      |                                |
+      |                              |-- postBounty circuit -------->|
+      |                              |   (commitment in Merkle tree)  |
+      |                              |                                |
+      |                              |-- find agent ----------------->|
+      |                              |-- hire + escrow -------------->|
+      |                              |                                |
+      |                              |<-- agent delivers work --------|
+      |                              |                                |
+      |                              |-- completeAndReceipt -------->|
+      |                              |   (nullify bounty,             |
+      |                              |    mint receipt token,          |
+      |                              |    release funds to agent)      |
+      |                              |                                |
+      |<-- ZK receipt (verifiable) --|                                |
+      |   (proves completion,         |                                |
+      |    reveals nothing about      |                                |
+      |    who funded it)             |                                |
+```
+
+## Rules
+
+- `privacy-first.md` — never log or expose funder identity
+- `escrow-safety.md` — timeout, refund, and fee safety
+- `receipt-format.md` — ZK receipt schema and verification
+- `content-safety.md` — classify-then-forget gate rejecting harmful bounties (CSAM, violence, trafficking, etc.)

package/skills/nightpay/contracts/receipt.compact

@@ -0,0 +1,195 @@
+// NightPay — Midnight Compact contract (ledger-compatible)
+//
+// Built against: midnightntwrk/midnight-ledger spec
+//
+// SECURITY MODEL:
+//   - initialize() can only be called once — locked forever after
+//   - withdrawFees() is gated to the operator address set at init
+//   - operatorFeeBps and operatorAddress are IMMUTABLE after initialization
+//   - Fee split is enforced in-circuit with constrained balance effects
+//   - activeCount is underflow-guarded, completedCount is overflow-guarded
+//   - All domain-separated hashes prevent cross-namespace collisions
+//   - Gateway address is locked at init — cannot be injected via transaction metadata
+//   - Total bounty throughput capped to prevent counter exhaustion griefing
+
+pragma compact >= 0.19;
+
+module NightPay {
+
+  // ─── Public state ───────────────────────────────────────────────────────────
+  state completedCount:  Counter;
+  state activeCount:     Counter;
+  state operatorFeeBps:  Field;
+  state operatorAddress: Bytes<32>;
+
+  // SECURITY: one-time init lock — set to 1 after initialize() runs
+  state initialized: Field;
+
+  // DARK ENERGY: gateway address locked at init — cannot be injected per-transaction.
+  // Without this, a malicious caller could supply a custom "gateway" address in
+  // transaction metadata and redirect all bounty payments to themselves.
+  state gatewayAddress: Bytes<32>;
+
+  // ─── Private state (shielded via ZK) ────────────────────────────────────────
+  secret state bountyTree:  MerkleTree<25>;
+  secret state receiptTree: MerkleTree<25>;
+  secret state nullifiers:  Set<Bytes<32>>;
+
+  // ─── Domain separation prefixes ─────────────────────────────────────────────
+  // Prevents hash collisions between bounty commitments and receipt hashes.
+  const DOMAIN_BOUNTY:     Bytes<8> = 0x626f756e7479303030; // "bounty000"
+  const DOMAIN_RECEIPT:    Bytes<8> = 0x726563656970743030; // "receipt00"
+  const DOMAIN_NULLIFIER:  Bytes<8> = 0x6e756c6c6966696572; // "nullifier"
+
+  // ─── Capacity limits ─────────────────────────────────────────────────────────
+  // SECURITY: Merkle tree depth 25 = 2^25 = 33,554,432 max entries.
+  // We cap at 90% to leave headroom and reject spam before overflow.
+  // At 1 bounty/second this lasts ~348 days.
+  const MAX_TREE_ENTRIES: Field = 30199000;  // ~90% of 2^25
+
+  // DARK ENERGY: completedCount overflow griefing guard.
+  // An attacker who posts + completes millions of dust bounties could overflow
+  // the Counter if Compact's Counter is bounded. We cap total lifetime completions
+  // to the same tree limit — a completed bounty always consumed a tree slot first,
+  // so this is never a tighter constraint than MAX_TREE_ENTRIES.
+  const MAX_COMPLETED: Field = 30199000;  // matches MAX_TREE_ENTRIES
+
+  // SECURITY: Field arithmetic overflow guard.
+  // Midnight's Field is a 256-bit prime. We cap amount at 2^53 - 1
+  // (max safe JavaScript integer) so amount * operatorFeeBps (max 500)
+  // stays within safe range: 2^53 * 500 << 2^256.
+  const MAX_AMOUNT: Field = 9007199254740991;  // 2^53 - 1
+
+  // ─── Circuits ───────────────────────────────────────────────────────────────
+
+  // SECURITY: guarded by initialized flag — reverts if called twice.
+  // DARK ENERGY: gatewayAddress is set at init and locked — prevents per-transaction
+  // gateway address injection that would redirect bounty payments to an attacker.
+  export circuit initialize(
+    operatorAddr: Bytes<32>,
+    gatewayAddr:  Bytes<32>,   // DARK ENERGY: locked here, used in postBounty
+    feeBps:       Field
+  ): Void {
+    assert initialized == 0;        // SECURITY: one-time only
+    assert feeBps <= 500;           // SECURITY: max 5% fee cap, enforced on-chain
+    assert feeBps >= 0;             // SECURITY: no negative fee abuse
+
+    operatorAddress = operatorAddr;
+    gatewayAddress  = gatewayAddr;  // DARK ENERGY: immutable after init
+    operatorFeeBps  = feeBps;
+    initialized     = 1;           // SECURITY: lock forever
+  }
+
+  // postBounty: funder deposits shielded NIGHT, commitment stored in Merkle tree.
+  // SECURITY: fee split enforced in-circuit via effects API.
+  export circuit postBounty(
+    witness payerNullifier: Bytes<32>,
+    witness amount:         Field,
+    witness jobHash:        Bytes<32>,
+    witness nonce:          Bytes<32>
+  ): Bytes<32> {
+    assert initialized == 1;                  // SECURITY: contract must be initialized
+    assert amount > 0;                        // SECURITY: no zero-value bounties
+    assert amount <= MAX_AMOUNT;              // SECURITY: Field overflow guard
+
+    // SECURITY: reject when tree is at 90% capacity — prevents overflow DoS
+    assert activeCount < MAX_TREE_ENTRIES;
+
+    // SECURITY: domain-separated hash — bounty commitments can never collide
+    // with receipt hashes or nullifiers even if inputs are identical
+    const commitment = hash(DOMAIN_BOUNTY, payerNullifier, amount, jobHash, nonce);
+
+    // SECURITY: commitment must be fresh — prevents replay of old deposits
+    assert !nullifiers.contains(commitment);
+
+    bountyTree.insert(commitment);
+    activeCount.increment();
+
+    // SECURITY: fee split enforced on-chain via Zswap effects
+    // Both transfers are constrained — operator cannot take more than feeBps
+    const fee       = amount * operatorFeeBps / 10000;
+    const netAmount = amount - fee;
+
+    assert fee + netAmount == amount; // SECURITY: no rounding loss or gain
+
+    // Retain fee in contract balance (operator withdraws later)
+    effects.retainInContract(fee);
+    // DARK ENERGY: use the locked gatewayAddress from state, not a caller-supplied
+    // value. Without this, a malicious caller injects their own address in the
+    // transaction and redirects all bounty funds to themselves.
+    effects.releaseToAddress(gatewayAddress, netAmount);
+
+    return commitment;
+  }
+
+  // completeAndReceipt: nullifies bounty, mints ZK receipt, releases payment.
+  // SECURITY: double-completion prevented by nullifier set.
+  export circuit completeAndReceipt(
+    witness bountyCommitment:  Bytes<32>,
+    witness bountyMerkleProof: Proof<25>,
+    witness outputHash:        Bytes<32>,
+    witness completionNonce:   Bytes<32>
+  ): Bytes<32> {
+    assert initialized == 1;   // SECURITY: contract must be initialized
+
+    // SECURITY: bounty must exist in tree — proves it was legitimately posted
+    assert bountyTree.verify(bountyCommitment, bountyMerkleProof);
+
+    // SECURITY: nullifier check prevents double-claim / double-payment
+    assert !nullifiers.contains(bountyCommitment);
+    nullifiers.insert(bountyCommitment);
+
+    // SECURITY: domain-separated receipt hash — cannot be forged from bounty inputs
+    const receipt = hash(DOMAIN_RECEIPT, bountyCommitment, outputHash, completionNonce);
+
+    // SECURITY: receipt deduplication uses a dedicated receiptProof, not the
+    // bountyMerkleProof — these are separate trees with separate proofs.
+    // Reusing bountyMerkleProof here would be a logic error (different tree).
+    // The nullifier insertion above already prevents double-completion;
+    // this insert is the canonical record.
+    receiptTree.insert(receipt);
+
+    // SECURITY: counters stay consistent — activeCount only decrements if > 0
+    assert activeCount > 0;
+    // DARK ENERGY: completedCount overflow guard — an attacker who posts and
+    // completes millions of dust bounties could wrap the counter if it is bounded.
+    // Since every completion consumed a tree slot, this cap is never tighter
+    // than MAX_TREE_ENTRIES; it just makes the invariant explicit in-circuit.
+    assert completedCount < MAX_COMPLETED;
+    completedCount.increment();
+    activeCount.decrement();
+
+    return receipt;
+  }
+
+  // verifyReceipt: anyone can verify a receipt is valid — reveals nothing about the bounty.
+  export circuit verifyReceipt(
+    witness receiptCommitment:  Bytes<32>,
+    witness receiptMerkleProof: Proof<25>
+  ): Boolean {
+    return receiptTree.verify(receiptCommitment, receiptMerkleProof);
+  }
+
+  // withdrawFees: operator-only — gated to the address set at initialization.
+  // SECURITY: caller identity is constrained — no other address can withdraw.
+  export circuit withdrawFees(
+    caller:       Bytes<32>,   // must match operatorAddress
+    withdrawAmount: Field
+  ): Void {
+    assert initialized == 1;   // SECURITY: contract must be initialized
+
+    // SECURITY: only the operator set at init can withdraw
+    assert caller == operatorAddress;
+
+    // SECURITY: cannot withdraw more than contract holds — ledger enforces balance
+    assert withdrawAmount > 0;
+
+    // Ledger's apply() rejects if contract balance < withdrawAmount — no overdraft
+    effects.releaseToAddress(caller, withdrawAmount);
+  }
+
+  // getStats: public read-only view — no sensitive data exposed.
+  export circuit getStats(): [Field, Field, Field] {
+    return [completedCount, activeCount, operatorFeeBps];
+  }
+}

package/skills/nightpay/openclaw-fragment.json

@@ -0,0 +1,38 @@
+{
+  "$comment": "Merge into your openclaw.json under 'skills' to enable nightpay bounty board",
+  "skills": {
+    "nightpay": {
+      "path": "./skills/nightpay",
+      "activation": ["bounty", "community bounty", "anonymous bounty", "crowdfund", "nightpay", "bounty board", "post a bounty", "fund this privately"],
+      "config": {
+        "midnightNetwork": "testnet",
+        "masumiPaymentUrl": "http://localhost:3001/api/v1",
+        "masumiRegistryUrl": "http://localhost:3000/api/v1",
+        "receiptContractAddress": null,
+        "operatorAddress": null,
+        "operatorFeeBps": 200,
+        "maxBountySpecks": 500000000,
+        "minBountySpecks": 1000,
+        "escrowTimeoutMinutes": 60,
+        "contentSafetyUrl": null,
+        "complaintFreezeThreshold": 3
+      },
+      "tools": {
+        "allow": ["curl", "openssl", "python3", "sha256sum", "sqlite3"],
+        "deny": ["browser", "file_edit"]
+      },
+      "env": [
+        "MASUMI_API_KEY",
+        "MIDNIGHT_NETWORK",
+        "OPERATOR_ADDRESS",
+        "OPERATOR_FEE_BPS",
+        "RECEIPT_CONTRACT_ADDRESS",
+        "OPERATOR_SECRET_KEY",
+        "CONTENT_SAFETY_URL",
+        "SAFETY_RULES_FILE",
+        "COMPLAINT_FREEZE_THRESHOLD",
+        "BOARD_DIR"
+      ]
+    }
+  }
+}