Z-Text launches bug bounty with 7 ZEC on-chain reward in closed beta

Z-Text, a blockchain messenger built on zk-SNARKs, just kicked off a closed beta and made its bug bounty public where it matters. NewsData.io reports that Z-Text published a 7 ZEC bounty pool on-chain that “anyone can verify.”

The program is simple in structure and specific in proof. NewsData.io says the bounty pool is on the ZEC chain and is visible to the public, so participants can confirm the reward exists rather than trust a web page. That also means the pool’s size can be checked before anyone ships a report.

Closed beta, limited rollout

According to NewsData.io, Z-Text’s messenger goes into closed beta on five platforms. The “closed” part matters. Bug bounties still need targets. If the app and its back end only run on a subset of platforms, the most urgent test surfaces will cluster there.

NewsData.io does not spell out which five platforms, or when broader access arrives. But the on-chain bounty does set a clear baseline for how rewards will be paid and tracked, even while users remain limited.

The bounty pool is public on-chain

NewsData.io’s key detail is the on-chain transparency. It reports a 7 ZEC bounty pool is posted and verifiable on-chain, which gives the program a measurable anchor.

For readers, that changes the incentive picture. Researchers can verify the reward pool without asking permission from the project. It also creates an audit trail for the bounty program itself, which is useful if disputes ever show up.

NewsData.io frames the bounty as something anyone can participate in, describing the payout as available “to anyone who breaks it.” In practice, bug bounties always come down to scope. The on-chain pool shows money exists. It does not, by itself, define what counts as a valid bug.

zk-SNARKs and “zero leaks”

NewsData.io includes the usual cryptography promise: “zk means zero leaks.” That line points to the core idea behind zk-SNARKs, where proofs can be shared without revealing underlying private data.

But a messenger built around cryptographic proofs has more moving parts than its marketing slogan. Attackers rarely target only the math. They probe the app, key handling, network flow, proof generation, and how errors propagate when something fails. The fact that Z-Text is funding external testing through a bounty suggests the project expects those realities, not just theoretical risks.

Still, NewsData.io provides no specifics about what vulnerabilities the bounty targets, what severity thresholds apply, or whether the bounty covers smart contract logic, client software, or both. Until those details are published, the announcement reads as an open-ended invite to test.

What to watch next

NewsData.io doesn’t mention any start date for disclosures, a vulnerability submission process, or a timeline for payout. Those are the pieces that determine whether a bounty is usable by researchers, not just visible on-chain.

If you’re tracking this story, the next meaningful signals are straightforward:

• Whether Z-Text publishes a clear scope for eligible bugs
• Whether payouts and winners get tracked against the on-chain pool
• Whether the closed beta expands beyond the five platforms mentioned by NewsData.io

With a verifiable 7 ZEC pool already posted, the program has at least one thing many bug bounty announcements lack. It has money you can check.