c

catatEST. 2026

Forms with cryptographic
proof, not vendor promises.

A feedback & form platform where the schema, every submission, and the access policy all live on-chain — Walrus, Sui, Seal. No backend.

SUI WALRUS SEAL Walrus Sessions S2 · Form Tooling

Open: "Every form tool you've ever used asks you to trust them with your data. catat is the one that doesn't." Hold the title 3 seconds. Don't read the sub-line — let them read it. This is a hackathon judge audience: they've seen 100 submissions today, so the first sentence has to land alone.

The problem

Your forms die when the SaaS does.

Typeform, Tally, Google Forms — every submission lives in their database. The company pivots, gets acquired, sunsets the free tier — your data, and the proof it ever existed, leaves with them.

🗄️

Custodial by default

You don't hold your responses. You rent access to them.

🫥

No real proof

A screenshot isn't evidence. An email timestamp the operator can backdate isn't either.

👁️

They read everything

"Encrypted" usually means encrypted from everyone but the vendor.

Objection prep: "But web3 form tools exist." — Yes, and the next slide kills that. Most of them still store the schema + responses in a centralized DB or centralized IPFS pinning, and only put a hash on-chain. The form definition itself isn't on-chain, so it's not really verifiable end-to-end. Keep this slide to ~20s.

Why it matters

Some forms need to be provable.

BUG BOUNTY"I reported this exploit first, on this date."

GRANT / HACKATHON"This was submitted before the deadline."

GOVERNANCE"This is exactly what the proposal said."

For these, "trust the form vendor" isn't good enough. You need tamper-evident, durable, independently verifiable — and you need the sensitive parts actually private.

That's not a feature request. That's a different foundation.

Pace: this is the emotional peak of the Problem-Agitate-Solve arc — slow down. Land each of the three use-cases, then the punchline. The last hand-written line is the pivot into the solution. ~25s.

The solution

catat puts every layer on-chain.

Schema → a Walrus blob. The form definition itself, public & content-addressed.
Submissions → Walrus Quilt batches. JSON + attachments in one blob, ~100× cheaper.
Registry & ownership → a Sui Move object. Verifiable count, on-chain owner.
Private fields → Seal IBE. Encrypted before they leave the browser.
The dashboard itself → hosted on Walrus Sites. No server anywhere.

🪶

Like Tally — but the data is yours

Same drag-and-drop form builder UX people already know. The difference is underneath: nothing catat stores can be locked away, altered, or read by us. Delete catat tomorrow and anyone can rebuild a viewer from the chain.

One idea: "every layer on-chain" — most web3 form tools do one layer (a response hash). catat does all of them. The right-hand card is the analogy anchor: "Tally, but you own the data." Say that line out loud — analogies are how judges remember you. ~25s.

How it works

Three layers, one form.

🌊

Walrus

Decentralized blob storage. Schema + every submission as Quilt batches. Pays for N storage epochs up front.

⛓️

Sui Move

catat::form — create, submit, update, pause. Emits events the Inbox indexes live.

🔒

Seal

2-of-3 threshold IBE. Key release gated by an on-chain seal_approve_owner check.

Publish flow — 3 wallet signatures, fully on-chain

1 · WALRUSreserve storage

→

2 · WALRUScertify upload

→

3 · SUIcreate_form

→

LIVEshareable form

Don't over-explain. Judges are technical — name the three layers, show the flow, move on. The detail that earns credibility: the Seal key release is gated by an actual Move function, not a catat server. Mention it in one sentence. ~20s.

The moment that sells it

Anyone can re-derive the receipt.

Paste any submission's blob_id into the public Verify surface — no wallet, no login.

Blob re-fetched straight from Walrus
SubmissionAdded event found on Sui
Schema linked, content shown — sealed fields stay sealed

verified ✓

catat computes nothing you have to trust. Verify is just a Walrus read plus a Sui event query, shown nicely. Remove catat entirely and the proof still stands.

A skeptic doesn't have to believe us. They check.

This is the demo's money shot — and the deck's. If you only get one thing across, it's this: the proof is independent of catat. In the demo video you'll actually show Verify running. Here, just plant the idea. ~20s.

The necessity test

Rip out the chain — what breaks?

⏳

Durability breaks

Walrus blobs outlive catat. Fork the MIT repo, rebuild a viewer in a weekend — the data is still there.

🔍

Verifiability breaks

The receipt comes from a content-addressed hash + an immutable Sui event log. No server can fake or deny it.

🛡️

Trustless privacy breaks

Seal releases keys only when an on-chain Move check passes. No catat server ever holds a key.

If removing the blockchain doesn't break the product, the crypto is decoration. For catat, it's the whole foundation.

Objection: "Why does this need a blockchain?" — this slide is the answer, say it confidently. The strongest of the three is durability: a centralized form tool cannot credibly promise your data outlives the company. Walrus can. ~20s.

What's built — today, live

Not a mockup. A working product.

6 surfaces

Builder · Runner · Inbox · Admin · Verify · in-app Docs.

Real on-chain

catat::form live on Sui testnet. Seed form with real submissions on-chain.

Seal encryption

Per-field 🔒 toggle, 2-of-3 IBE, decrypt round-trip working.

Multi-format export

CSV (Excel-safe), JSON, Markdown report — one click.

12 templates

Bug report, NPS, hackathon app, job app… + save your own.

Shipped quality

TS strict, ESLint clean, error boundaries, auto-deploy CI.

Live now → catat-walrus.vercel.app · open-source, MIT → github.com/PugarHuda/catat

Traction for a hackathon = completeness. Don't claim users you don't have — claim the surface area that genuinely works. Every card here is demoable live. If a judge opens the URL during judging, the seed form shows real on-chain submissions immediately. ~20s.

The ask

catat for Form Tooling.

We built the form tool the Walrus stack makes possible — and we're going for three wins at once:

🏆

The track

Full real on-chain integration — schema, submissions, ownership, encryption, hosting.

⭐

Special prize

Open-source quality: reusable patterns — paginated event scan, gas-coin race handling, Walrus singleton, hardenSchema.

💬

Best Feedback

We dogfood — catat's own bug-report form triages catat's issues. Submitted via catat itself.

Next: token-gated forms, branching logic, shared template registry.

Be specific. The ask isn't "please like us" — it's "catat for the Form Tooling track" plus the explicit multi-win strategy. The roadmap line shows this outlives the hackathon. ~18s.

c

catat

Forms you own.
Proof anyone can check.

Try it

catat-walrus.vercel.app

Code (MIT)

github.com/PugarHuda/catat

Docs

catat-walrus.vercel.app/?go=docs

SUI WALRUS SEAL — thanks for reviewing 🙏

Close: repeat the one-liner — "forms you own, proof anyone can check." Then the three links. Last words: "It's open source — fork it, host your own on Walrus. That's the whole point." End on the product, not on yourself. ~15s.