ARIONUM BUG BOUNTY PROGRAM

Post Reply
AroDev
Site Admin
Posts: 25
Joined: Sat Jan 06, 2018 6:51 am

ARIONUM BUG BOUNTY PROGRAM

Post by AroDev » Thu Dec 13, 2018 5:35 pm

In the light of the recent events, we have decided to launch a bug bounty to help audit our software.

For the start, the following pieces of software are part of this program:
Arionum node - https://github.com/arionum/node
LightWalletCLI - https://github.com/arionum/lightWalletCLI
LightWalletGUI - https://github.com/arionum/lightWalletGUI

We are looking for any vulnerability that can be done remotely and that can result in stolen coins, compromised servers, blockchain manipulation, badly implemented cryptography, key collisions etc.

The bounties are offered based on the severity of the vulnerability, start at 100$ and go up to 2000$ for a critical vulnerability. The payment is sent in bitcoin.
The reports should offer a proof of work and we must be able to replicate it.

We are not looking for xss, csrf, dll hijacking or vulnerabilities in other pieces of software (ex: web browsers).

Please contact us privately with the vulnerabilities so we have time to patch things up before the public release. Either here or on discord, @AroDev

The bounties are offered by the Arionum Developers, please do not abuse the bug bounty program. The total budget for this program is 5.000 USD.

Michelina J. Bell
Posts: 1
Joined: Thu May 16, 2019 8:39 am

Re: ARIONUM BUG BOUNTY PROGRAM

Post by Michelina J. Bell » Fri Jun 28, 2019 11:01 am

Generally speaking, any bug that poses a significant vulnerability, either to the security of our site or the integrity of our trading system, could be eligible for reward. But it's entirely at our discretion to decide whether a bug is significant enough to be eligible for reward.
Last edited by pxgamer on Thu Jul 04, 2019 9:00 am, edited 1 time in total.
Reason: Removed irrelevant link

Post Reply