Identifying issues is the first step to building a product that surpasses user expectations. While not everyone is willing to acknowledge and correct their mistakes, at 5ire’s Bug Bounty Program, we incentivize individuals for detecting and disclosing vulnerabilities in the 5ire network.
Following the release of Testnet: Thunder (Beta), our Bug Bounty Program demonstrates our dedication to ensuring the security of the blockchain. Thus, we invite you to seek out any vulnerabilities in the 5ire network and earn generous rewards.
Head to the 5ire Explorer to start!
Bug Bounty Program rewards are classified into four categories, depending on the severity of the issue:
- P4 includes low-risk vulnerabilities. Web developers can earn up to $50 — $250 by notifying such bugs.
- P3 includes medium-risk vulnerabilities. And this provides an opportunity to earn between $250 — $1000.
- The third category is the P2 category, which includes high-risk bugs. By finding high-risk vulnerabilities, developers can secure $1000 to $5000.
- Finally, the higher the risk, the higher the return. P1 categories are subjected to critical risk. For identifying each critical vulnerability, developers can earn $5000 or more.
What to do?
Keep it simple. Find a bug/vulnerability, and prepare a detailed report identifying the vulnerability, the components affected, the reproduction of the issue, and all the potential fixes. Once completed, send that detailed report to security@5ire.org.
But keep in mind that:
- Technical knowledge is essential for the process.
- A vulnerability’s public disclosure makes it ineligible for a reward.
- Duplicated issues are ineligible for reward. The first submission is the only eligible one.
- To add more data or information to a case, you must create a new submission that can reference the initial one.
- Rewards for the bug bounty program are decided on a case-by-case basis. The bug bounty program, terms, and conditions are only at the sole discretion of 5ire.
- Rewards mainly fluctuate depending primarily on the issue’s severity. Other variables that could be considered for rewards purposes include the instructions for reproduction, the quality of the issue description, and the bug fix suggested.
- Determining eligibility, score, and all other terms related to an award are mainly at the full and final discretion of 5ire.
- Submissions are required to be relevant to the Bounty Scope. Any proposals submitted out of the Bounty Scope will not qualify for a reward.
- Interfering with the client, protocol, or platform services during the process makes submission invalid.
- The terms and conditions of the bounty bug process may fluctuate over time.
- Reading and following the disclosure policy available within the references is essential. Submissions not adhering to the disclosure policy are not eligible for a reward.
Gear up and make the best claim! Our developers are expecting a tough fight from the users.
For more information, check out our website: www.5ire.org
