Matic Network looks forward to working with the community to find security vulnerabilities in order to keep our Projects, Developers and Users safe.
The bounty program is to ensure everyone has an opportunity to find bugs in our system, which will in turn help us ensure the security of Matic. Payouts will go up to $5,000 for critical issues.
We encourage uncovering bugs and vulnerabilities on the network code spanning the smart contracts, Heimdall and Bor.
Examples of vulnerabilities would include ability to double spend, tamper blockchain history, mint invalid tokens, undermine the consensus mechanism, censorship on votes, stealing tokens from the node, preventing access to the network, bugs in the the network economics, chain halt, network shutdown and more.
Our rewards are based on severity per CVSS (the Common Vulnerability Scoring Standard).