Home / News / Bounty - ICDevs.org Bug Bounty

Austin Fatheree, January 03 2022

ICDevs.org Bug Bounties - #7

Current Status: Discussion

  • Discussion (01/03/2022)
  • Ratification
  • Open (02/10/2022)

Issue Link - Discussion Forum

Bounty Details

  • Current Bounty Account: 20 ICP + $500 USD of ICP at award date
  • Project Type: Ongoing
  • Opened: 01/03/2022
  • Time Commitment: Days
  • Experience Type: Intermediate - Motoko; Intermediate - Web Dev
  • Issue Type: Bug Bounty

Description

This bounty gives the opportunity to

  • learn about the Issues ICDevs has funded
  • learn about motoko, rust, and IC Development

ICDevs.org funds bounties that are completed by the community. It is often difficult to get developers to review and critique pull requests. This Bounty provides funds to incentivize those developers.

This bounty follows the taxonomy listed at https://bugcrowd.com/vulnerability-rating-taxonomy. Bounties are paid out on the following schedule:

  • P1: 50% of fund
  • P2: 25% of fund
  • P3: 10% of fund
  • P4: 5% of fund
  • P5: 1% of fund
  • Other: At ICDevs Discretion

To claim the award you must notify admin@icdevs.org of the bug. If the bug has security or data implications ICDevs.org will work with you to notify the project owner of the bug and to find a solution. Once the bug has been addressed the person claiming the bounty will need to write a post-mortem issue as an issue on the source control application(ie github) explaining how they found the bug, the implications of the bug, and the resolution that was created.

Applicable Projects

Ongoing Bounty

This is an ongoing bounty and will stay open and available as long as there are funds in the bounty account.

Funding

The bounty was generously funded by the community and a Foundation of 20 more ICP. If you would like to turbocharge this bounty you can seed additional donations of ICP to 6e3f1641fd3db4c52b4d06f5d035853fbc37e544c8a4fb99f6f1e187f88c8298. ICDevs will match the bounty 2:1 for the first 20 ICP and then 0.25:1 after that. All donations will be tax-deductible for US Citizens and Corporations. If you send a donation and need a donation receipt, please email the hash of your donation transaction, physical address, and name to donations@icdevs.org. More information about how you can contribute can be found at our donations page.

Matches

Accelerator Fund: - $500 USD of ICP at award date

Endowments

The Bug Bounty needs to be steadily refreshed with value. In order to do this we need endowments of the bug bounty from individual developers, companies, and DAOs in the IC Ecosystem. An endowment can be of any size, but we recommend at least 100 ICP. 20% of an endowment will be immediately put into the Bug Bounty Fund and the remaining 80% will be contributed to the Bug Bounty Neuron, an 8 year locked neuron. 2/3 of the proceeds of this neuron will fund the Bug Bounty and the remaining 1/3 will be contributed to the general ICDevs.org endowment neuron that funds other ICDevs activities. The first 5 100 ICP Endowments will be be matched by the ICDevs.org DFINITY Foundation grant with an additional 10 ICP into the bug bounty.

Other ICDevs.org Bounties