Skip to main content

sidebar_position: 3 sidebar_label: Bug Bounty id: bugbounty

title: Bug Bounty

Bug Bounty Overview

ZetaChain is committed to security across all aspects of its ecosystem. To that end, ZetaChain has established a bug bounty program to reward researchers, developers, and users who help identify and report security vulnerabilities.

You can access and report issues at https://immunefi.com/bounty/zetachain/.

Scope

The scope of this bug bounty program is focused on ZetaChain's smart contracts, public-facing APIs, blockchain protocol/infrastructure, and web applications.

Program Guidelines

  1. All reports must be submitted through the Immunefi, accessible here.
  2. Report any suspected vulnerability promptly.
  3. Do not attempt to exploit a vulnerability without prior authorization.
  4. Do not publicly disclose a vulnerability before it is reported and patched.
  5. Do not access data or systems beyond the scope of the vulnerability.
  6. Do not use social engineering techniques.
  7. Do not attempt to access accounts or personal data of users.

Rewards

The rewards for successful vulnerability reports range from $5,000 to $100,000, depending on the severity of the issue. All payouts are to be done by the ZetaChain team through Immunefi.

Smart Contracts

CriticalUSD $30,000 to $100,000
HighUSD $10,000 to $30,000
MediumUSD $10,000

Websites and Applications

CriticalUSD $15,000 to $30,000
HighUSD $5,000 to $15,000
MediumUSD $5,000

Responsible Disclosure

We value responsible disclosure, and we encourage all participants to act responsibly when reporting vulnerabilities.

Contact

For any questions or concerns, please contact us at bugbounty@zetachain.com.