Illuvium Has Launched Bug Bounty Program Worth Up to $150k on Immunefi
After announcing the game's open beta, the Illuvium team launched a bug bounty program worth up to $150k on Immunefi. To all the white hackers out there, here's your time to shine!
Illuvium just offered a bug bounty program up to $150k on Immunefi: Here's the scope
After announcing the game's upcoming open beta early this week, the Illuvium team went on to launch a bug bounty program worth up to $150k on Immunefi. Needless to say, the move is part of the team's initiatives to ensure the overall website is secured and users' funds in staking pools are well protected.
Looking at its scope, the bug bounty program focuses on reviewing Illuvium's existing smart contracts, website, and applications. This specifically includes smart contracts for a range of V2 staking pools, the main webpage, several staking webpages, and the game's API. Given that, the team also encourages hackers to report any critical and high impacts to other Illuvium assets that are not in the scope above.
According to Illuvium, if you manage to find any bugs, make sure you provide a summary of the vulnerabilities in the report. Then add a step-by-step process of the exploit so that the team can reproduce the issue. What's more, a detailed explanation of the possible impacts with additional materials or references will help too.
How much is the bounty?
As for the bounty itself, the exact amount depends on the threat level being identified. Threats could cause critical, high, medium, or low impacts. So, for smart contract bugs resulting in critical impacts, the payout will range from $100k to $150k. If you spot any critical threats among Illuvium's websites and applications, the payout will be $50k in total. Those interested can check out the exact payouts for other threat levels here.
In short, it's great to see that the Illuvium team is committed to creating a safe blockchain gaming experience for all players. Without a doubt, the bounty program is one the best ways to get pro hackers' help in locating any hidden threats within the smart contracts or the website itself. Obviously, we wouldn't want to see another major security breach such as the Sky Mavis' $625M Ronin hack happening to other Web3 gaming platforms.