Hey devs!
StarkNet launched a bug bounty program to help you secure the network. ππ©βπ»
Here's what you need to know:
1) Rewards are based on the impact of the vulnerability reported, with separate scales for websites/apps, smart contracts, and blockchains/DLTs.
2) All smart contract bug reports must include a PoC with an end-effect impacting an asset-in-scope in order to be considered for a reward.
3) Rewards for critical Blockchain/DLT vulnerabilities are capped at 10% of economic damage. However, there is a minimum reward of USD 40 000 and a maximum reward of USD 500 000.
4) Rewards for critical Smart Contract vulnerabilities are capped at 10% of economic damage. However, there is a minimum reward of USD 50 000 and a maximum reward of USD 1 000 000.
5) For bounty hunters to receive a reward, KYC must be done, which includes name, address, DOB and a copy of national ID/passport and OFAC screening must be done.
6) Rewards are paid in USDC and the payout will be done by our team directly. The program is runned by @immunefi
So, devs, help secure #StarkNet and get rewarded in USDC.
To learn more, please visit immunefi.com/bounty/starknet/