Lewati ke isi

Bug Bounty Program

Status

Program bug bounty resmi dalam persiapan. External audit (SEC-013) masih pending.

Scope (Rencana)

In Scope Out of Scope
Smart contracts di contracts/src/ Third-party dependencies
RPC gateway abuse Social engineering
Faucet bypass DDoS volumetric
Explorer XSS/CSRF Issues di testnet tanpa impact mainnet

Severity (Draft)

Level Contoh Reward (Draft)
Critical Fund loss, validator takeover TBD
High RPC auth bypass, key leak TBD
Medium Rate limit bypass TBD
Low Info disclosure TBD

Submit Report

  1. Email: security@garudachain.id
  2. Sertakan: deskripsi, steps to reproduce, impact, PoC
  3. Jangan exploit di mainnet tanpa izin

Safe Harbor

Penelitian responsible disclosure dilindungi selama mengikuti guidelines di Security Overview.

Coming Soon

Reward amounts dan platform (Immunefi/HackerOne) akan diumumkan setelah external audit selesai.