Blockstack Bug & Tooling Bounties
Add to Watchlist
Added to Watchlist
Reward pool
Not set
BTC
Expected profit
$100 - 2500
equal in BTC
Max participants
∞
No limit
DropsEarn score
Neutral
Hard, Low Risks
How To Participate Bug Bounty
-
Help improve the security of Stacks 2.0. Those who disclose bugs and the techniques they used to exploit them are rewarded.
- Submit a bug report
Critical bugs
Maximum $2,000 USD in BTC per bug
- Bugs that cause a chain split
- Bugs that cause state corruption
- Bugs that enable funds to be stolen
- Taking over the network or bringing it to a halt
Major bugs
Maximum $1,000 USD in BTC per bug
- Less severe performance or correctness bugs
- DDoS or stress-test attacks that slow the network down significantly
- Bugs that cause resource exhaustion
- When expected functionality does not work in obvious ways
Minor bugs
Maximum $100 USD in BTC per bug
- Bugs in non-critical software such as the CLI or user interfaces
How To Participate Tooling & Resource bounties
Active tool bounties
New templates for the Clarity Starter Kit
- Look at popular ERC proposals for inspiration
- Submit your template(s) as a PR to the Clarity JS SDK repo on Github
Rewards for building specific tools and resources on Proof of Transfer (PoX).
- $100 USD in Bitcoin per template
- For developers to learn and extend. Must include Clarity code and tests to be considered. The top 10 templates will be rewarded.
Linter for Clarity smart contracts
$1,000 USD in Bitcoin
Bonus points if you include a plug-in for an editor that formats code and highlights any errors. The top linter will be rewarded.
Do:
- Check for matching parentheses
- Find and fix whitespacing that doesn't conform to code style
- Support for configuring specific linting rules, with sane defaults
- Build in a language that compiles to Javascript
- Build something that is easily integrated in any editor
Don't:
- Check for type errors
- Validate variable and function names
- Build something that only works for one editor
Submit your linter as a PR to the Clarity JS SDK repo on Github
Upcoming tool bounties
Telemetry dashboard
$2,500 USD in Bitcoin
Shows where other miners are and how healthy the network is. Good examples are https://ethstats.net & https://telemetry.polkadot.io/. The top 3 dashboards will be rewarded.
Do:
- Build something that is real time
- Find and display information that is unique to Clarity and Proof of Transfer
- Be creative — think about different metrics or views to build in
Don't:
- Build a copy of the Blockstack Explorer
To submit your dashboard, add a link to it in a new issue in the Bounties repo on Github
Live Stacking calculator
$2,500 USD in Bitcoin
Submit all info and a link to the repo with your submission as a PR to the Bounties repo on Github.The top calculator will be rewarded.
Do:
- Be creative with the metrics you include above those listed in the bounty description
- Consider the two target audiences: current Stackers or people thinking about Stacking. What would make this most useful to both of those groups?
- Incorporate historical and live data
- Think about incorporating data from outside sources (exchanges, oracles, etc.)
To submit your Stacking calculator, add a link to it in a new issue in the Bounties repo on Github
Terms
Services in scope
Code in the following GitHub repositories: stacks-blockchain, docs.blockstack, cli-blockstack, ux, stacks-transactions-js, stacks-blockchain-sidecar, explorer, bounties, clarity js sdk.
Exclusions
While testing, you must refrain from:
- Denial-of-service attacks
- Spamming
- Social engineering (including phishing) of Blockstack employees or contractors
- Any physical attempts against Blockstack property or data centers
- Violating any law or disrupting or compromising any data that is not your own
Eligibility
- To receive a reward, you must be at least 14 years old. If you are under the age of majority in your jurisdiction, you may need parental or guardian permission to participate.
- To receive a reward, you may be required to complete and submit to us an IRS tax form (e.g., Form W-8 or W-9) containing personal information.
- Blockstack employees, contractors, and immediate family members are ineligible to receive a reward.
- We are unable to issue rewards to individuals who are on U.S. sanctions lists, or who are in countries (e.g., Cuba, Iran, North Korea, Sudan, and Syria) on U.S. sanctions lists.
- There may be additional restrictions on your ability to participate depending upon your local law.
Legal points
By submitting, you agree to these terms and conditions. We have sole discretion to decide whether a submission wins an award. We may modify these terms and conditions or terminate this program at any time in our sole discretion.
We expect to pay a winner their reward within approximately six weeks of determining the winner and receiving all necessary documentation for processing payment, including completed tax forms. You are responsible for any tax implications of receiving a reward depending on your country of residency and citizenship.
These terms shall be governed by and construed in accordance with the laws of the State of New York without reference to its conflicts of laws provisions.
About
Earn rewards and help improve the Stacks 2.0 network by disclosing bugs and building useful tools.
TBA
Closed
None