search

api3dao / vitepress-docs

Next generation of api3-docs
https://docs.api3.org/
MIT License
10 stars 14 forks source link

Create a bug bounty program #404

Open wkande opened 3 years ago

wkande commented 3 years ago

From api3dao/api3-docs#474 (Airnode) - Create a bug bounty program api3dao/api3-docs#474

The closest thing we have to a bug bounty is https://github.com/api3dao/api3-dao#bug-bounty

We need to do this properly, add it to docs, link it from the repo READMEs.

bbenligiray commented 3 years ago

The issue at https://github.com/api3dao/airnode/issues/474 is closed and this is now tracked by https://api3dao.atlassian.net/jira/software/projects/CT/boards/28?selectedIssue=CT-1

ferdiozturk commented 2 years ago

How about using https://immunefi.com/?

bbenligiray commented 2 years ago

How about using https://immunefi.com/?

Looks decent. The main blocker of this bug bounty thing is that what the terms and amount will be is a governance decision, but the DAO will have to trust the payout with a multisig because the bug can't be disclosed publicly (for voters' consideration) before the payout. So coming up with an acceptable setup is not trivial so I'm personally postponing it until someone leads the effort.

wkande commented 2 years ago

@bbenligiray Shall we keep this active? Has there been any discussion at all?

bbenligiray commented 2 years ago

It needs to be tracked somewhere, but no, I personally can't find time for this

bbenligiray commented 1 year ago

Promoting products and services in issues is not welcome