Blockchain projects that launch a Mainnet of their platform usually follow it up with a bug bounty program. This program gives global developers a chance to test it for vulnerabilities and earn while doing it. We saw a similar bug bounty program initiated by the Tron Foundation right after the Mainnet was released mid last year. Following with this tradition is the team at Zilliqa (ZIL) that have now launched a bug bounty program geared towards testing and securing the Mainnet.
Rewards For Finding Bugs on the ZIL Network
The team at Zilliqa has invited all available developers to test and help secure its network, cryptocurrency and smart contract implementation. The bug bounty program is being managed by Bugcrowd.
Depending on the seriousness of the bug found, the reward will range from $150 to $5,000. The vulnerabilities have been broken down into four categories as follows.
- Remote Code Execution of Zilliqa node
- Remote Code Execution of Zilliqa lookup node
- Any methods of siphoning or creating funds
- Remote Code Execution of the Zilliqa Savant IDE
- Security bug or issue in the cryptography relating (Non third party) to key generations, encryption, decryption, signing and verification
- Smart Contract vulnerabilities that can destabilize all Dapps within the ecosystem
- Denial of Service (termination of process) to Zilliqa lookup node
- Denial of Service (termination of process) to Zilliqa node
- Denial of Service (termination of process) to Zilliqa Savant IDE
Denial of Service (unable to progress with consensus protocol) to Zilliqa lookup node
Denial of Service (unable to progress with consensus protocol) to Zilliqa node
The range of rewards per category has also been provided by the team at ZIL.
|RATING||BINARY/CODEREVIEW||VRT SUBMISSION REWARDS|
|P1||$4,200 – $5,000||$2,100 – $2,500|
|P2||$2,100 – $3,000||$1,200 – $1,500|
|P3||$500 – $1,500||$500 – $750|
|P4||$200 – $400||$150 – $200|
What are your thoughts on the bug bounty program by the team at ZIL? Will it yield the desired result or should they increase the value of the rewards per vulnerability found? Please let us know in the comment section below.
Disclaimer: This article is not meant to give financial advice. Any additional opinion herein is purely the author’s and does not represent the opinion of Ethereum World News or any of its other writers. Please carry out your own research before investing in any of the numerous cryptocurrencies available. Thank you.unty