Bug bounty is currently closed.
Although our team has made every effort to rid all the bugs in our systems, there’s always the chance that we might have missed one posing a significant vulnerability. If you discover a bug, we appreciate your efforts and help reporting it to us so that we can fix it as soon as possible. For significant bugs, we offer rewards as outlined below.
Responsible investigation and reporting includes, but isn’t limited to, the following:
In general, please investigate and report bugs in a way that makes a reasonable, good faith effort not to be disruptive or harmful to us or our users. Otherwise your actions might be interpreted as an attack rather than an effort to be helpful.
Generally speaking, any bug that poses a significant vulnerability, either to the security of our site or wallet, could be eligible for reward. But it’s entirely at our discretion to decide whether a bug is significant enough to be eligible for a reward.
Security issues that typically would be eligible (though not necessarily in all cases) include: