$1,500,000 for REI Mainnet Bug Bounty
A strong blockchain is not only equipped with features of high throughput and transparency. It’s must also be robust and resilient, with high security. Security issues can be seen as pain point of blockchain systems but also one of the strongest requirements for blockchain to be adopted in the other industries.
To ensure REI’s blockchain is highly secure and resilient, we are excited to launch REI’s second iteration of bounty programs: The REI Mainnet Bug Bounty Program.
What is the REI Mainnet Bug Bounty Program for?
The REI Mainnet bug bounty is a bug bounty program launched by the REI developer’s community and invites developers from worldwide to help REI in reviewing its code, increase the security level of the REI mainnet, and earn significant bounties in the process.
In this program, REI will release its development results which are then reviewed and tested by developers worldwide, thus maximizing the security and resilience of mainnet before it launches.
How Developers Can Review the REI Code?
All released source code is available on REI’s Github page: https://github.com/rei-network
From a security perspective, we invite developers to assess, identify and give us suggestions on any of the following:
- General Security of REI Mainnet
- Flaws of Mainnet security problem
- Flaws of REI’s general user experience
- Flaws of New RPC, functions, and designs
2. Security of Smart Contracts
- Security of smart contract management
- Security of authentication of contract system
3. Security of Other Applications
- Security of REI wallets, webs etc.
Risk Levels & Ranges of Bounties:
Risk levels will be divided incrementally as: Critical, High, Medium, Low. Bounty rewards will be linked to these risk levels as follows:
Lvl 1 Risk: Critical; Bounty: 12,000–50,000 $REI
- Potential systematic flaws, including access to server, access to data, access to website administration, transaction manipulations etc.
Lvl 2 Risk: High; Bounty: 4,000–8,000 $REI
- Potential risks of leaks or manipulation of user accounts: private keys, user’s sensitive information and data etc
- Potential leaks of system’s sensitive information, source code etc
- Risks of having a negative impact on transaction speed of main net or loss of crypto assets
Lvl 3 Risk: Medium; Bounty: 2,000–3,000 $REI
- Risks of being unable to implement transactions
- Leaks of insensitive information of users that may not cause direct loss of assets
Lvl 4 Risk: Low; Bounty: 500–1,000 $REI
- Problems of user experience of REI mainnet
How To Report Bugs Detected:
REI will review and quickly reply once a developer completes the form and submits: https://forms.gle/xJxntr4SLecVMXDo8
Rules of Bug Bounty Program:
- The REI Bug Bounty Program is limited to the latest version of code.
- Security optimization should follow the principle of self-realization.
- Problems caused by the same source should be considered as 1 bug.
- Only when the process of “Bug submission — Project verification — Improvements” is completed can a contributor receive the bounties.
- REI has the responsibility of publishing its improvements after a bug is detected within 2 weeks.
- Any vicious attacks, stealing of user data or abuse of intellectual property in the name of reviewing the code will be investigated by REI.
- REI reserves the right of final interpretation.
Developer Community on Discord
- Developer’s participation in REI node applications
This week in our developer community on Discord, many developers also expressed their interests in becoming REI’s nodes. We would welcome more developers to apply for and participate in REI’s node election!
Join our developer community on discord (BUG Bounty channel): https://discord.com/invite/zhwWkXYtJt
- Apply For REI Ecosystem Grants
Introduction of Developer Bounty Program:
