Idena invites software security researchers to participate in the bug bounty program to hunt down its vulnerabilities.
If you believe that you have found a security vulnerability in the Idena node or Idena app, we encourage you to report it to the Idena team.
Bug bounty program terms
The Idena team will reward security researchers who help us keep the Idena blockchain and Idena users’ accounts safe. Bounties for such reports are entirely at Idena’s discretion, based on risk, impact and other factors.
- Identify a vulnerability which creates a security risk and describe the problem.
- Submit your report via email: info@idena.io
- Give the Idena team time to investigate the issue before making any information in or about the report public.
- The Idena team determines bounty amounts based on a variety of factors, including impact, possible risks and quality of the report.
- In the event of duplicate reports, a bounty will be awarded to the first person to submit an issue.
- The Idena team may publish submitted reports or information about them.
Minimum payout
No predetermined amount
Bug bounty program scope examples
To qualify for a bounty, report a security bug that potentially could lead to:
- Attacking consensus mechanism
- Stealing coins
