Be rewarded for keeping us safe
Web3 is best captured by the values it represents: Shared ownership, open collaboration, and a call for everyone to contribute to missions they care about in their own way.
Help to reduce the surface area for attacks on the protocol protecting fairness and privacy. And earn bounties while you are at it.
Discover bugs across Automata's product stack, middleware services, or network infrastructure
Include a Proof-of-Concept and specific steps to reproduce your findings in a detailed report
We will reach out upon receiving a valid submission. Rewards are distributed based on the impact and severity of the bug.
Submit your report to firstname.lastname@example.org. All submissions will be vetted by the Automata team
Rules of engagement
Explain the vulnerability in detail
Provide as much information as possible, with clear, reproducible steps or a working Proof-of-Concept. Reports that provide suggestions on how to fix the vulnerability may also be considered for increased bounty rewards.
Responsible disclosure of bugs
Do not disclose the bug publicly until a fix has been found, and refrain from sharing details with any other party. Exposing a vulnerability before remediation can cause irreparable harm to Automata Network and our community.
Do no harm
Make every effort not to compromise or disrupt any of Automata’s products, services or network infrastructure. Avoid privacy or data violations and do not exploit the vulnerability for profit outside of Automata’s Bug Bounty Program.
Early bird gets the worm
Reward goes to the first (valid) report in the case of duplicate reports received. Submit only one vulnerability per report unless there is a need to provide relevance or impact.