Hundrx Bug Bounty Program: Our Commitment to Technical Maturity.

4 min readMar 20, 2023


At Hundrx, we’re always striving to revolutionize the way users interact with their online identity on Twitter. That’s why we’re excited to launch our first-ever Bug Bounty Program, which focuses on UI. We’re looking for skilled individuals to join our community and help us achieve our goal of turning Twitter into Web3.

But we don’t just want anyone to join us. We want the best of the best. That’s why we’re inviting smart contract developers, code auditors, UI/UX designers, and even laymen with a sharp eye for design to join our mission. We believe that working with skilled technical community users is crucial in identifying vulnerabilities in our extension.

And we’re not just asking for your help for free. We’re putting our money where our mouth is. All submissions to the Bug Bounty Program will be qualified by us, and rewards will be distributed based on the impact and severity of the vulnerability. Only valid bugs will be eligible for payout.

What is UI Testing?

User Interface testing, also known as UI testing or GUI testing, tests the application’s visual elements to validate proper functionality and expected performance. It ensures that UI functions and application components have no defects, such as icons, radio buttons, text boxes, toolbars, color, fonts, checkboxes, windows, and menus. The primary aspects of UI testing are:

  • Functionality
  • Performance
  • Usability
  • Compliance
  • The visual design of the extension.

How it works

  • Submit all bug reports to
  • Keep your report as detailed as possible, with all steps necessary to reproduce your findings — The more information you provide, the quicker the Hundrx team will be able to validate the issue. All reports should include a PoC (Proof-of-Concept).
  • Reports that provide suggestions on how to fix the vulnerability may also be considered for increased bounty rewards.
  • After confirming the validity of the bug, we’ll be in touch! A valid report must be in-scope and meets the rules of engagement. Hundrx will determine (at our sole discretion) whether a report is eligible for a reward.
  • Note that sometimes others may find the exact same issue or bug. For discovered bugs, we have a running list that is constantly updated as each submission rolls in. Be sure to check the pinned google sheets link in the Discord, before submitting a form to keep things easier on our end. Additionally, sometimes you and another may submit the same bug before we can update it on our master list. In this case, the person who submitted first receives the reward.
  • With each bug reported, the person who submitted it will receive a reward! However, note that this bug must be unique (cannot be listed on the master list), and if someone submitted before you, the reward will go to them as detailed previously. Furthermore, the more complex or exchange-breaking the bug is, the bigger the reward!

Rewards and tiers

Claim your share of $10 000. Each verified bug found will be rewarded $20 or more depending on its severity as judged by the Hundrx team.

In addition, all Bug Bounty winners will receive an NFT badge “Bounty Hunter” — that will be visible to all users of the extension—an opportunity for you to stand out from the crowd.

Rules to Follow

We will appreciate it if you follow the rules given below.

  • Please do not use any web applications for searching vulnerabilities as they generate massive traffic and tend to hinder the working of the websites.
  • We expect you to not damage or restrict the availability of products and services on the websites.
  • Do not compromise any personal data, leading to interruption or degradation of any service.
  • Make sure that you localize all the tests to your own system and make every effort not to access or modify any user data.
  • If you are finding chain vulnerabilities, you will be rewarded only for the vulnerabilities having the highest severity profile.
  • The bugs must not be mentioned in front of anyone outside the project team.
  • Please don’t use any social engineering attacks, spam, or DoS/DDoS vulnerabilities.
  • Most importantly, you are expected not to break any laws and stay within the scope while finding vulnerabilities.

By making our first Bug Bounty Program public, more users will get an opportunity to submit vulnerabilities or bugs. We also consider this as the next step in our technical maturity.

Hundrx believes that working with skilled technical community users across the globe is crucial in identifying potential weaknesses/bugs. We are excited for you to participate as a community bug hunter to help us identify vulnerabilities in our extension.

Starts on 23/03/2023 at 6PM GMT
Ends on 06/04/2023 at 6PM GMT

Happy Hunting! 👉 Press here to participate.

Join Hundrx community: Website | Twitter | Discord | Linkedin | Telegram

Upgrade Twitter to Web3 with Hundrx



Editor for

Building the world's first browser extension for Twitter profile tokenization!