Lambda Bug Bounty Program - DropsEarn
Lambda Bug Bounty Program

Lambda Bug Bounty Program

    Lambda encourages the community to disclose wallet security vulnerabilities, and to play a role in building Lambda ecosystem, thereby receiving USDT bounties as reward.

    Reward pool
    $10,000
    Expected profit
    from $30
    Max participants
    DropsEarn score
    Neutral

  • Activity Type: Bug bounty Community
  • Date: 12 Sep 2020 14:00(UTC+3) - 23 Dec 2020 14:00(UTC+3)
  • Registration: Closed
  • When reward: 15 working days
  • Event status: You can't participate (Event ended)
  • Links: Registration Official Announcement
Go to event page

Image for post

Event details

Bounty Eligibility


Image for post


According to the severity calculated by OWASP Risk Rating Method based on Impact and Likelihood.

Impact

  • High: Bugs affecting asset security.
  • Medium: Bugs affecting system stability.
  • Low: Other bugs that do not affect asset security and do not affect system stability.

Likelihood

  • High: The bug can be discovered by anyone who performs an operation, regardless of whether or not the bug has been found.
  • Medium: Only certain people can discover it (such as a bug that only developers encounter, ordinary users are not affected.)
  • Low: Covers less than 1% specific population, such as certain rare Android models; or any other exceptional cases.

The Amount of Rewards

To ensure the bug reporter obtains a stable expected reward, USDT will be the main crypto as rewards.

The reward amount is divided into 5 categories:

  • Critical: 1,000 + USDT (No upper limit)
  • High: 500 + USDT
  • Medium: 200 + USDT
  • Low: 50 + USDT
  • Note: 30 + USDT

If reporters provide the solution of security vulnerabilities, the reward will be more than doubled.

Bounty Judges

Judges are from Lambda Technical Committee.

Report A Bug

Please send bug report via the google form here.

Notes

  1. Please ensure the accuracy and clarity of the content, because the reward evaluation will be based on the content submitted in this form.
  2. If many people discover the same bug, then their report submissions in chronological order will determine their reward. Community users are welcome to discuss the issues of bugs, but the discussion itself is not considered a report, therefore a report form must still be submitted.

The Final reward list announcement

After the bounty program, the final reward list and the reward amount will be announced on Twitter and Weibo channel, and rewards will be issued within 15 working days.

Notes

  • The Lambda Bug Bounty Program is from 09/12/2020 16:00–23/12/2020 16:00 (UTC+8). The Lambda Technical Committee reserves the right to final interpretation of the bounty program, and the rights to adjust or cancel the reward scope, eligibility and amount.
  • TheLambda Technical Committeewill confirm and evaluate the bug report after its submission. The evaluation time will depend on the severity of the problem and the difficulty of fixing it. The evaluation result will be sent to its reporter by email as soon as possible.
  • Reporters shall keep the bugs non-public and confidential until 30 days after submitting the bugs to Lambda, and shall not disclose the bugs to any third party. Such confidentiality timeline can be extended by Lambda unilaterally. If reporters disclose the bugs to any third party that causes any harm to Lambda or Lambda’ users, reporters shall be responsible for the compensation for all the losses.
  • The Lambda Technical Committee encourages community member to discuss with the Lambda community and Interstellar technical team and other community members in the Lambda public discussion group. Team also encourage community members to join in fixing these bugs. Please join telegtam group for discussion.

Socials