Aelf’s Hacker Bounty Phase 2

Details

The aelf Foundation is hosting this program to show how secure aelf’s lock-in contract and Cross-Chain Transfer Protocol (CCTP) are while also enabling users to have a better understanding of the CCTP, which was launched in May 2020. The event will be posted as a Bounty Program on the aelf DAO to ensure transparency throughout. The draft of the program has been discussed in the saelf governed Telegram community and the bounty was set at 1 million ELF by the community members.

Rules

• Participants can sign up as individuals or teams — there’s no limit on the team size.
• The Bounty Program is about finding vulnerabilities in the Cross-Chain Transfer Protocol (CCTP), so those on the Ethereum Network or aelf will not count.
• At 12:00 pm (GMT +8) on July 16th, the aelf Foundation will lock 1 million ELF in the lock-in contract.
• At 12:00 pm (GMT +8) on July 27th, a Merkle tree will be generated.
• At 12:00 pm (GMT +8) on August 5th, 1 million ELF test tokens will be swapped to the aelf testnet via the Cross-Chain Transfer Protocol (CCTP).
• Participants who are able to hack the CCTP and swap the ELF test tokens to their own account addresses during the event will be rewarded with the equivalent amount of ERC20 ELF tokens.
• The aelf Foundation will retrieve the bounty if no hackers managed to breach aelf’s CCTP by the end of the event.

Lock-in Contract Information

Ethereum Mainnet:

• Ethereum mainnet lock-in contract address: 0x91517330816d4727edc7c3f5ae4cc5bef02ec70f
• Merkle Tree generation contract address: 0x76562bD67452359b68fACbfa2d0cc9c1999F566C

aelf Testnet：

• Side-chain token mapping contract address: RXcxgSXuagn8RrvhQAV81Z652EEYSwR6JLnqHYJ5UVpEptW8Y
• Contract Explorer: link
• Contract code on GitHub：link

How to Collect the Bounty

• For Chinese users: contact DaYuTongXue (WeChat ID: a439714) on WeChat
• For English users: contact Itsu Ace (@Itsu_Ace) on Telegram

Hacking Proof

Participants need to show their hacking proof to the aelf team after they have hacked the Cross-Chain Transfer Protocol (CCTP).

The following information needs to be provided as the hacking proof:

• Code for the hacking process
• A document which explains the hacking process
• Self-introduction
• ELF wallet address

Retweet to Win ELF

• Simply retweet the event and you will have the opportunity to share out 8,888 ELF.
• If no one is able to hack the CCTP before the deadline (August 5th), then all the retweeters (keep the retweet until the end of the event) will share out the 8,888 ELF!

We’d like to invite white hats, technology enthusiasts, and master hackers to participate in the Hacker Bounty Program and we hope the program will give you an in-depth understanding of the Cross-Chain Transfer Protocol (CCTP). Any feedback or suggestions on how to improve the aelf ecosystem are also welcomed!