Introducing the Hummingbot bug bounty program

博客»Introducing the Hummingbot bug bounty program
cover

Yingdan Liang

2019-04-16 · 2 min read

Since Hummingbot is experimental, beta software that can be run in many different user configurations and markets, we are leveraging the power of our community to help us identify and properly handle all the edge cases which may arise.

As a small token of our appreciation for users who invest their time and effort to try out Hummingbot and report the issues they encounter, we are excited to announce a bounty program for reward users who help improve Hummingbot's stability and reliability!

Scope

The public, open source Hummingbot code base.

Rewards

We will pay bug reporters 0.1 ETH for any bug reported that meets the following criteria:

  • It has a different root cause than any other bug reported by other users

  • Reporter follows the submission guidelines below (see Submission)

  • We decide to fix the bug

In addition, we may add a discretionary bonus to bugs that entail security vulnerabilities, depending on the severity of the vulnerability.

Bounty Rules and Guidelines

  • Bounties are awarded on a first-report basis

  • We ask that you do not use vulnerabilities or errors you come across for purposes other than your own investigation

  • We ask that you do not publicize or disclose to any third parties any details of security vulnerabilities until hummingbot remove those issues

  • All bounties and rewards will be subject to the sole discretion of the Hummingbot team

Submission

  • For security vulnerabilities : Email the description of the issue to us at dev@hummingbot.io 

  • For all other bugs : Submit a Bug Report in our Github repo

  • Please follow the template and include detailed descriptions of the bug, steps to reproduction, supporting artifacts such as screenshots, logs, configuration settings, and suggested fixes, if any

  • Privacy : We pledge that we will not use your information for trading purposes or share your personal information with third parties

Evaluation

The Hummingbot team will investigate your report within 24 hours, contact you to discuss the issue, and send 0.1 ETH to your Ethereum wallet once the team decides to fix the bug that you reported.

We will publish a list of reported bugs and their status in the Hummingbot documentation.

Happy 🐞 hunting!

相关帖子

Liquidity Mining: November recap
Liquidity Mining: November recap
Harmony and Hummingbot launch ONE Liquidity DAO
Harmony and Hummingbot launch ONE Liquidity DAO
Liquidity Mining: October recap
Liquidity Mining: October recap

免责声明:位于https://hummingbot.io、https://docs.hummingbot.io、https://miners.hummingbot.io的网站(统称为“网站”)是属于CoinAlpha, Inc.(“公司”、“我们”和“我们的”)的受版权保护的作品。本网站的某些功能可能受附加指南、条款或规则的约束,这些指南、条款或规则将发布在与此类功能相关的网站上。所有此类附加条款、指南和规则均通过引用纳入本条款。这些使用条款(以下简称“条款”)规定了具有法律约束力的条款和条件,以规范您对本网站的使用。访问或使用本网站,即表示贵方接受这些条款(代表贵方自己或贵方所代表的实体),并且贵方声明并保证贵方有权利、权限和能力签订这些条款(代表贵方自己或贵方所代表的实体)。如果贵方未满18岁,则不得访问、使用本网站或接受这些条款。如果贵方不同意这些条款的所有规定,请勿访问和/或使用本网站。