Fantom Bug Bounty Program
Fantom is a blockchain ecosystem designed to help you focus on real-world solutions to real-world problems, with no compromise.
BOUNTY CAMPAIGN
Fantom Bug Bounty Program
Activity type:
/
Bug Bounty
Dates:
30 Jun 2020
-
30 Sep 2020
Registration:
OPEN
Reward pool:
Not set
(TBA)
Personal reward:
~$250 - $5000
(TBA)
Difficulty:
HARD
Links:
Ends in:
Notes:
As the Fantom ecosystem continues to grow, issues will arise. In order to encourage the community to identify, report, and assist in solving these issues, we are announcing an official bug bounty program.
For each issue, the team will investigate, and if the issue is genuine, the Foundation will make a payment in USD-denominated stablecoins, depending on the severity of the issue, the level of details for each issue, and the assistance provided in finding a solution to them.
Reward
The rewards tiers are as follows:
1. Low severity (without solution): $250
2. Low severity (with solution): $400
3. Medium severity (without solution): $500
4. Medium severity (with solution): $750
5 .High severity (without solution): $1000
6 .High severity (with solution): $1500
7 .Critical severity (without solution): $2500
8. Critical severity (with solution): $5000
We are most interested in issues that affect applications such as wallets (primarily back-end), smart contracts (including the SFC and governance contract), and go-lachesis itself. Issues that affect other services such as the website (https://fantom.foundation) and explorer (https://explorer.fantom.network) will also be considered, but are likely to be of low severity.
Issues related to third-party software that merely uses Fantom’s APIs (third party wallets and explorers, for example) will not be considered for a reward, as there is nothing we can reasonably do to prevent these.
Eligibility
Eligibility and classification of submissions is wholly at the discretion of the Foundation.
In order to make a submission, you must email bugs@fantom.foundation, with a description of the issue (with as much detail as possible, including steps required to reproduce it), and a suggested solution (if available).
We will accept a solution if it solves the issue, or contributes significantly to a solution. One reward per bug is available, and only the first eligible submission for each will receive a reward.
Please do not DM or email team members directly. Otherwise, we may not see your submission.
Note that if a submission becomes public, or is publicly reported before being fixed, then the submitter will be disqualified from any reward.
Eligibility is also contingent on responsible investigation and reporting. Investigations that are pursued by means of exploitation, denial of service (DDoS), disruption to our operations, or any other action that could be construed as an attack, will not be eligible for a reward.
For each issue, the team will investigate, and if the issue is genuine, the Foundation will make a payment in USD-denominated stablecoins, depending on the severity of the issue, the level of details for each issue, and the assistance provided in finding a solution to them.
Reward
The rewards tiers are as follows:
1. Low severity (without solution): $250
2. Low severity (with solution): $400
3. Medium severity (without solution): $500
4. Medium severity (with solution): $750
5 .High severity (without solution): $1000
6 .High severity (with solution): $1500
7 .Critical severity (without solution): $2500
8. Critical severity (with solution): $5000
We are most interested in issues that affect applications such as wallets (primarily back-end), smart contracts (including the SFC and governance contract), and go-lachesis itself. Issues that affect other services such as the website (https://fantom.foundation) and explorer (https://explorer.fantom.network) will also be considered, but are likely to be of low severity.
Issues related to third-party software that merely uses Fantom’s APIs (third party wallets and explorers, for example) will not be considered for a reward, as there is nothing we can reasonably do to prevent these.
Eligibility
Eligibility and classification of submissions is wholly at the discretion of the Foundation.
In order to make a submission, you must email bugs@fantom.foundation, with a description of the issue (with as much detail as possible, including steps required to reproduce it), and a suggested solution (if available).
We will accept a solution if it solves the issue, or contributes significantly to a solution. One reward per bug is available, and only the first eligible submission for each will receive a reward.
Please do not DM or email team members directly. Otherwise, we may not see your submission.
Note that if a submission becomes public, or is publicly reported before being fixed, then the submitter will be disqualified from any reward.
Eligibility is also contingent on responsible investigation and reporting. Investigations that are pursued by means of exploitation, denial of service (DDoS), disruption to our operations, or any other action that could be construed as an attack, will not be eligible for a reward.
COMMENTS
POPULAR IEO
DAO Maker
ChainPort
Blockchain Service
$4,150,000
$4,150,000
Ended 5 APR
BSCStation
Angels Creed
Gaming
$600,000
$600,000
Ended 26 DEC
SolPAD
Blockchain Platform
$75,000
$75,000
Ended 4 JUN
Coinlist
Gods Unchained
Gaming
$10,320,000
$10,320,000
Ended 20 OCT
Moonlight
Blockchain service
$2,450,000
$4,900,000
Ended 31 AUG
