Qubic Bug Bounty Program
Welcome to the Qubic Bug Bounty Program! We believe in a safe and secure ecosystem for our users, which is why we encourage and incentivize the identification and reporting of any potential security vulnerabilities in our system.
Scope
All aspects of the Qubic ecosystem are in scope, including but not limited to:
- Core protocol
- Qubic Units (QUs)
- Smart Contracts
- Wallet software
Rules
- Responsible Disclosure: Do not disclose the details of the bug publicly before it has been addressed and a patch has been released.
- No Harm: Do not exploit the bug beyond what is necessary to demonstrate it.
- Do Not Interfere: Avoid disrupting any services or data during your testing.
Reporting
Please submit a detailed bug report to tbd@qubic.world
including the following information:
- Description of the issue
- Steps to reproduce
- Potential impact
Reports that do not include this information may not qualify for a bounty.
Rewards
Bounties will be awarded at the discretion of the Qubic development team based on the severity and impact of the reported issue. A minimum of 1 bln QUs will be awarded for any legitimate and previously unreported security vulnerability.
Acknowledgments
Successful participants who help make the Qubic ecosystem more secure will be acknowledged publicly (unless they prefer to remain anonymous). Together, we can build a more secure and robust Qubic ecosystem.