We are devoted to the seemingly mundane, but important and tireless pursuit of bug squashing. And the more eyes and attention on our bug-squashing efforts the better, which is why we are pleased to announce our Bug Bounty program!
We work hard to provide our members with an amazing experience using Bitreserve. Part of that involves bringing innovative products to market like four precious metals and six real world currencies, and it also means we are devoted to the seemingly mundane, but important and tireless pursuit of bug squashing. And the more eyes and attention on our bug-squashing efforts the better, which is why we are pleased to announce our Bug Bounty program!
This program provides the Bitreserve community with a way to get more involved with the product by reporting bugs and security issues in exchange for cash rewards. The process is simple and even fun. Read on for more information on how you can get involved and earn money for identifying and reporting bugs to our team to resolve.
I found a bug - now what?
While we hope discovering a bug is a rare occasion, here’s what to do:
- Visit our Bug Bounty page on Crowdcurity.
- Review which types of vulnerabilities we’re looking for -- see what’s in scope or not.
- If and when you discover a vulnerability, click the “Submit Vulnerability” button in the top right corner and file your discovery. Happy Hunting!
I submitted a bug - what do I earn?
Congrats and thank you - our reward system has three tiers of cash rewards ranging from $50 to $1000. The Low, Medium and High rewards are determined at Crowdcurity’s and Bitreserve’s discretion based on the risk and potential impact to our members.
- Low Reward: $50
- Medium Reward: $200
- High Reward: $1000
How are reward amounts determined?
Our Security and Development teams take lots of factors into account when determining these rewards. These factors include, but are not limited to the complexity of successfully exploiting the vulnerability, the potential exposure, as well as the percentage of impacted users and systems.
Anyone can submit a bug, but of course, please review the Description and Rules on our Bug Bounty page for more details.
-Ginevra, Support Lead