Tron (TRX) Is Working On Its Code And Offers Hackers Bug Bounties According To Their Severity

Tron has a new bug bounty program that seems to be eventually paying off. Since it was launched at the end of May, Tron handed out $25,000 to ethical hackers who discovered flaws on its new blockchain, says HackerOne.

Now, the platform is offering $50,000, $10,000 and $6,000 and these amounts are based on the severity of the bugs that will be found.

Tron offers bounties for bugs of high, critical and medium severity

Critical bugs are worth $50,000 and include bugs which can take control of java-tron nodes by remote execution of any code and bugs which can lead to private key leakage.

High severity bugs are worth $10,000 and these include bugs which can incur Denial of Service (DoS) in java-tron through P2P network and bugs which can incur Denial of Service (DoS) in java-tron through RPC-API.

Medium severity bugs are worth $6,000 and these include bugs which can incur Denial of Service (DoS) in java-tron through TRON Protocol and bugs that are allowing unauthorized operations on user accounts.

More than that, hackers who will be able to find low priority bugs will be able to earn $100.

For the moment, only the bugs that are found in the java-tron code repositories are eligible for the bounties that we have mentioned above.

The problems that involve tronscan.org, tron.network and tronlab.com will not be eligible for any bounties, but still, Tron is encouraging people to report any kind of issues that they might run into.

How to report bugs to the Tron team

In order to report any bugs that you might have found, all you have to do is contact the Tron team via HackerOne and include the following elements:

  • The source of the bug – for example, tronprotocol/java-tron and so on
  • Your personal classification of the severity of the bug – medium/high/critical
  • A summary of the bug
  • A detailed description of the bug
  • Instructions to recreate the bug
  • Other additional materials such as proof of concepts, source code, screenshots or logs

You can learn more about The Tron Bug Bounty Program here.


by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *