DeFiChain Bug Bounty Program

DeFiChain is engaging with security experts as well as the community to hunt down vulnerabilities. Our bounty program rewards up to USD 50,000.

bounty-poster

Leaderboard

DeFiChain thanks the following bounty hunters in their efforts to keep DeFiChain secure.

1
Dr. Daniel Cagara

Dr. Daniel Cagara

  • Masternode mining efficiency exploit
    5,000 DFI 15,000 USD
  • Total bounty
    5,000 DFI 15,000 USD

How to participate

There are many ways to get started finding a bug bounty. You can start by connecting to the DeFiChain testnet by running defid -testnet. Alternatively, you could study our source code at GitHub.

If you find a bug through interacting with our program and/or studying our source code, we can offer a bug bounty of up to USD 50,000 worth of DFI provided that we find the bug significant, and you are able to provide useful info in regards to fixing or reproducing the issue.

Be sure to study the code that is tagged for official releases, not the master branch or other code that is still currently under development.

Submission process

As security is a sensitive issue, we encourage users not to submit public issues regarding the security of the blockchain. We encourage using your own descretion, if you feel the issue is not something the public can easily exploit, then feel free to create an issue at the repo over at GitHub. If the issue presents some critical exploit, then please email us instead at security@defichain.com.

In your submission please include:

  • A clear description of the issue
  • A fix for the issue, preferably as a pull request
  • If unable to provide a fix, then please provide clear directions on how to reproduce the issue
  • Your email address or other relevant contact details (e.g. Telegram ID)
  • Your DFI address for receiving the bounty if your submission is approved

Join our mailing list to get the latest DeFiChain announcements:

Oops! That didn't go through.
Thank you for subscribing!

We hate spam too, so only occasional updates.