Decentraland launches $500k Bug Bounty Program on Immunefi
Uncovering the most critical smart contract vulnerabilities could be rewarded with up to $500k. Submitting a bug report requires completing KYC verification, while payouts are given in $MANA and $USDT.
Yesterday saw the launch of Decentraland’s very own Bug Bounty program.
The program was launched on Immunefi, which is a platform made specifically for hosting blockchain-related bug bounty programs. Bounty rewards vary from project to project, with this one from the decentralized metaverse offering bounties up to $500k.
The amount a bug bounty hunter could earn depends on the threat level of the vulnerability they uncover. The Immunefi Vulnerability Severity Classification System v2.1 is used for determining how dangerous a bug is. With this system, bugs are classified on a 5-level scale: Critical, High, Medium, Low and None.
When it comes to Decentraland’s bug bounty program in particular, the Critical and High vulnerabilities for smart contracts have been combined, which means that the metaverse platform is offering 3 types of rewards for uncovering smart contract vulnerabilities: High (up to $500k), Medium ($20k) and Low ($1k). The minimum reward for High level smart contract bugs is $20k.
There are 4 types of bounties available for finding exploits related to websites and applications made by Decentraland, depending on the severity: Critical ($18k), High ($6k), Medium ($3k) and Low ($1k).
In order to submit a bug report, bug bounty hunters must go through KYC verification, which requires giving their “Name, Mailing Address and any ID,” with all info being collected by the Decentraland team.
Payouts are given in $MANA and $USDT, with a minimum of 20% to be given out in the latter. For detailed information on what kind of vulnerabilities are acceptable and which are not, check out the bug bounty page here.