In order to improve its systems, Justin Sun has recently started a Tron bug bounty program. So far, the program seems to be very successful, and the crypto has already handed out up to $25,000 in total to hackers skilled enough to uncover hidden vulnerabilities.
Tightening the Code
The bug bounty programs are nothing new in the world of online security. In fact, their popularity has been on a rise for quite some time now. Mostly, bug bounty programs have been used by different companies that wish to check their codes and security to prevent hacking attacks, leaks, and other forms of security breaches.
Due to the recent launch of its MainNet, and multiple processes that were following it, TRON has decided to do the same, and make sure that its systems are truly as good as they can be. The launch of the program was back in May of this year, and the results have already been showing.
So far, TRON bug bounty has paid up to $25,000 to various hackers that agreed to help the crypto with checking its new blockchain. It would seem that the number of bugs and flaws have already been detected by multiple skilled individuals, and TRON has rewarded them for their contribution.
Now, it would seem that TRON is trying to step up its game, and has started offering a completely new set of payouts.
TRON Offers Even More Money for bugs
It is believed that the seriousness of some of the bugs, or at least the large number of them, has inspired TRX’s team to offer even larger rewards for big bugs. This proves that the team is serious in its plan to secure the blockchain, and they wish to leave no flaws undiscovered.
Despite the fact that the crypto has already paid up to $25,000 for the uncovered bugs, they clearly believe that there is more to be found. Because of that, they have introduced three new levels of bug severity, each of them accompanied by a different payout.
Bugs that the hackers report from now on and TRON’s team recognizes as critical will be rewarded with $50,000. These include the bugs that allow third parties to take control of java-Tron nodes via remote code execution, as well as the bugs that may allow the leakage of users’ private keys.
Then, there are bugs that are estimated to be high when it comes to their severity. These include bugs that might allow DoS in java-TRON via the P2P network, or via RPC-API. Bugs like these will be rewarded with a $10,000 payout.
Finally, the third category includes the bugs that are seen as a medium threat, and they include those that might allow DoS in java-TRON via TRON protocol. Also, bugs that allow unauthorized access and operations on users accounts will also fall under this category. For bugs like this, TRON is willing to pay up to $6,000.
It is unknown whether or not TRON’s team expects such large flaws to even be found at this point, but it is obvious that they are leaving no stone unturned in the search for them.
Additionally, TRON will also pay lower amounts for less serious bugs, and hackers that find some of those might earn about $100 per bug. It should also be mentioned that TRON is currently only rewarding bugs found in the java-Tron code repositories. The reports of bugs found in tron.network, tronscan.org, or tronlab.com, while greatly appreciated, will not receive a reward right now.
Those wishing to report bugs can contact TRON’s team via HackerOne, and provide information like the bug’s source, the severity assessment, the summary of the flaw, ass well as its detailed description, and instructions on how the bug can be recreated. Apart from that, those who have discovered the bug can also provide proof of concepts, screenshots, logs, source code, and alike.