Incentivized Testnet Bug Bounty Program

Pocket Network
Apr 8 · 2 min read

As part of the Pocket Incentivized Testnet, Pocket is also announcing our first bug bounty program. Participants will have the opportunity to earn POKT for identifying bugs in the network, to help ensure the security of the test network. Bug bounty participants can earn rewards in proportion to the severity of the bugs discovered, by identifying and reporting the bugs to the team. The testnet bug bounty program will run over the entire course of the incentivized testnet. To report a bug, participants must send an email to security@pokt.network with the details of the bug.

The bug bounty program will use the OWASP risk rating model to determine the threat level of the bug.

Bug Bounty 20% — Up to 5m POKT

  1. Low Severity — 12.5k POKT
  2. Medium Risk — 25k POKT
  3. High Risk — 50k POKT
  4. Critical Risk — 125k POKT

Examples of Critical Risk Bugs:

  • Zero-knowledge range proof
  • Merkle sum tree
  • Inflation attacks
  • Collusion attacks

The goal of the bug bounty is to prioritize critical attacks that could fundamentally impact the network, node operators and the applications running on the network. Submitting bugs anonymously or with a pseudonym is fine, however, in order to be eligible for the bug bounty rewards paid in crypto, we require your real name and proof of your identity.

Legal Disclaimer

The Pocket Network bug bounty is a discretionary rewards program for members of the Pocket community to encourage and reward those who are helping to improve the security of the network. You should know that the program can be cancelled at any time, and awards are at the sole discretion of Pocket Inc. In addition, we are not able to issue rewards to individuals who are on sanctions lists or who are in countries on sanctions lists. You are responsible for all taxes. All awards are subject to applicable law. Finally, your testing must not violate any law or compromise any data that is not yours.

Bounty Repos

Pocket Core

Pocket JS

Pocket AAT JS

Pocket JS Web3 Provider

Pocket Core Deployments

PoS Mint

Pocket Tendermint

Resources

Whitepaper

Economics

Join Incentivized Testnet

Node Operator Form

Application Developer Form

Connect with Pocket

Github

Twitter

Newsletter

Discord

Pocket Network

Connect any App, to any Blockchain, from any Device.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store