Page 1 of 1

ARIONUM BUG BOUNTY PROGRAM

Posted: Thu Dec 13, 2018 5:35 pm
by AroDev
In the light of the recent events, we have decided to launch a bug bounty to help audit our software.

For the start, the following pieces of software are part of this program:
Arionum node - https://github.com/arionum/node
LightWalletCLI - https://github.com/arionum/lightWalletCLI
LightWalletGUI - https://github.com/arionum/lightWalletGUI

We are looking for any vulnerability that can be done remotely and that can result in stolen coins, compromised servers, blockchain manipulation, badly implemented cryptography, key collisions etc.

The bounties are offered based on the severity of the vulnerability, start at 100$ and go up to 2000$ for a critical vulnerability. The payment is sent in bitcoin.
The reports should offer a proof of work and we must be able to replicate it.

We are not looking for xss, csrf, dll hijacking or vulnerabilities in other pieces of software (ex: web browsers).

Please contact us privately with the vulnerabilities so we have time to patch things up before the public release. Either here or on discord, @AroDev

The bounties are offered by the Arionum Developers, please do not abuse the bug bounty program. The total budget for this program is 5.000 USD.

Re: ARIONUM BUG BOUNTY PROGRAM

Posted: Fri Jun 28, 2019 11:01 am
by Michelina J. Bell
Generally speaking, any bug that poses a significant vulnerability, either to the security of our site or the integrity of our trading system, could be eligible for reward. But it's entirely at our discretion to decide whether a bug is significant enough to be eligible for reward.