Edgeless introduces “Bugs Hunting” bounty program
Edgeless has already released “Edgeless v1.0”, Dice and way more is coming to the platform, but as every singly project build from the very beginning we are facing bugs in our system. Therefore, Edgeless announces Bug Hunting.
What is a “Bug Hunting”?
It is a first time project in Edgeless, where we encourage all the developers, programmers, testers and anyone who is familiar with the platform, to search for bugs, catch them and apply for a bounty as a reward. In total we will distribute 100 000 EDG for all the bugs the program participants will find. The program will be available for 2 months since it is started publicly.
How it works?
- Every person, who “catches the bug”, should report it to firstname.lastname@example.org with the subject of “BUG HUNTING”.
- Each bug needs a separate application.
- It should be filled in the form provided here - http://bit.ly/2IsemV6
- A bug that has already been submitted by someone else, doesn’t count as a new bug, therefore the bounty is not granted.
- If the bug is publicly announced by the participants before it is solved by the team and published in github.com, the reward for the problem is not eligible anymore.
- Edgeless team, Edgeless developers and anyone related with Edgeless in any professional connection are forbidden to participate in Bugs Hunting
- It is in Edgeless development team hands to decide whether or not a reported issue qualifies for a reward, the importance of the issue, the size of a reward, and all other terms related to a reward.
- If the participant breaks any law, regulation or creates any damages, he/she is permanently removed from the program.
- The processing and evaluating of the bug could take up to 2 weeks. So, responses could be delayed to any bug feedback.
- All the bugs will be publicly shown after they are solved with the username of the founder and the time, therefore everyone will know, who was the first for the bug. - http://bit.ly/2x4ezwd
- Edgeless project could cancel the “Bugs Hunting” at any time without additional explanation.
How does the reward system work?
The reward depends on the risk and importance of the bug/problem, therefore the OWASP risk rating methodology was taken as it has already proved its effectiveness for other projects.
Taking these overall risk severity levels into account the rewards will be allocated:
Critical - up to x 40 000 EDG
High - up to x 10 000 EDG
Medium - up to x 2000 EDG
Low - up to x 800 EDG
Note - up to x 500 EDG
What is also important?
Since OWASO risk rating methodology includes only risk factors in the evaluation, all the rewards are shown in the “up to” range. To get the highest reward in the range, additional requirements need to be fulfilled:
- The description should be clear and detailed so that the Edgeless development team could easily identify the problem and understand the risk level it creates.
- Higher rewards are given if you include test codes, printscreens, videos. The easier for us to find the problem, the better it is for the bounty participant.
- The highest rewards goes to those, who provides the clearest description on how the problem could be solved.
- Visual representation of the problem (if possible) is necessary.
This Bug Bounty Campaign is an experimental program with purpose of encouraging and rewarding improvement of Edgeless experience and solution. We can cancel it at any time and all the rewards are paid at the sole discretion of the bug bounty team of Edgeless. We will not be engaged in any relationships with sanctioned territory countries, companies and individuals (eg. North Korea, Iran, etc). Every recipient of EDG token will have to go thought KYC process and have to pay taxes under the jurisdiction of the participant. Edgeless will not be liable of any taxes that have to be paid. The testing that you will be engaging in must not violate any law or compromise any data that is not yours. If in any case you will find a vulnerable breach that could result in data damages you have to inform Edgeless automatically.
All disputes arising out of or in connection with this Bug Bounty Campaign shall be exclusively decided by the courts of Gibraltar and in accordance to laws of Gibraltar.
Facebook : https://www.facebook.com/EdgelessCasino/