Now that we have gone live with STDB2, we would like to place a bug bounty to incentivize the discovery of bugs in the code. The scope of the bug bounty is the 2 contracts StandardBounties.sol and BountiesMetaTxRelayer.sol. Any bugs found in our codebase but outside of those two contracts are NOT within the scope of this bug bounty.
This bounty will pay out for submissions following the OWASP model of grading severity. Payouts will be made to the first individuals who report bugs, and exploits will be ineligible for payouts if they've already been used on the main-net deployed contract. Non-security critical severity issues (style issues, gas optimizations) are not eligible for this bounty. Determinations of eligibility and all terms related to this award are at the sole and final discretion of the StandardBounties team. Any any bugs reported in https://github.com/ConsenSys/bounties-audit-report-2019-03 will also be excluded.
This bounty is listed for 0.5 ETH, but if you discover a bug that's of greater severity than Low, we will send the remaining funds to you as a tip after accepting your submission.
If you discover a bug, please submit it to this bounty. If you believe you may have found a bug but want to verify it's validity, please don't hesitate to reach out to me first. We are honest and will be happy to pay if legitimate bugs are discovered, even if you've told us about them before submitting to this bounty.
Submissions are private