Features Starknet Journey DeFi FAQ Blog
Download
Mobile Menu Open
Mobile Menu Close
Features
Starknet Journey
DeFi
FAQ
Blog
Dark Mode Switcher
Light Mode Switcher
Dark Mode Switcher
Light Mode Switcher

Braavos Wallet Bug Bounty Program

The Braavos Bug Bounty Program invites security researchers and ethical hackers to enhance the security of our crypto wallet. Join us in safeguarding user funds and building a more secure blockchain experience on Starknet.
Braavos Nation
• Nov 4, 2024
2 min read


We invite security researchers and white-hat hackers to help us maintain the highest levels of security for our users. Braavos Wallet Bounty Program program is designed to reward those who identify bugs and other security vulnerabilities in our wallet, with the primary goal being the safety of user funds.


Vulnerability Severity Levels:

CRITICAL: Vulnerabilities that are highly likely to be exploited and can cause severe impact, such as the loss of significant funds. This includes exploits that allow attackers to gain access to wallets or manipulate transactions. Rewards for critical issues range from $10,000 to $20,000.

 

HIGH: Exploits with a high likelihood that can result in substantial financial losses under specific conditions, like attackers draining wallets. These vulnerabilities are rewarded with $1,000 to $10,000.

 

MEDIUM: Issues with a moderate likelihood, compromising user privacy or leaking sensitive data, such as personal information or transaction history, but not directly involving financial loss. Rewards range from $100 to $1,000.

 

LOW: Vulnerabilities with low likelihood or impact that do not compromise security or privacy, but may cause minor usability or interface issues. Rewards for these issues are $10 to $100.

 

Exclusions:

We do not pay for:

  •  basic website scan results or general findings that do not directly impact the security of user wallets, transactions, or personal information.
  • Attacks which require physical access to the device, or attacks based on a compromised device
  • ‘Best practice’ guidelines without a concrete attack

 

How to Submit:

To submit a vulnerability, please email to bounty@braavos.app the following required details:

 

  1. **Name** (required)
  2. **Email** (required)
  3. **Proof of Concept (PoC) Link**: This can be a screenshot, video, link to a site, or a Gist that demonstrates the issue.
  4. **Description**: A detailed explanation of the issue.
  5. **Steps to Reproduce**: Instructions on how to replicate the issue.
  6. **Expected Impact**: How this vulnerability could impact users or the platform.

 

We look forward to working with the security community to ensure our wallet remains secure and trusted.

 

Payout:

The severity level of the issue and the corresponding payout amount will be determined by Braavos, based on internal assessment.

Payments will be processed only after a valid invoice is submitted by the bounty submitter.

All payments will be made in USDC on the Starknet blockchain.

 

Braavos on Starknet

Braavos on Starknet

Twitter Linkedin

More Articles

Is MetaMask The Best Non-Custodial Wallet?

Is MetaMask The Best Non-Custodial Wallet?

Your non-custodial wallet could turn custodial with a single update. Learn about this risk, and how to counter it, in our latest post.
Account Abstraction
Aug 2, 2023
What is the Best Wallet for Staking on Starknet?

What is the Best Wallet for Staking on Starknet?

Discover the best wallet for staking on Starknet from the four available options. You'll be surprised by where MetaMask stands!
Smart Contract Wallet
Nov 15, 2023
Starknet Explorer: Which is Better, Starkscan or Voyager?

Starknet Explorer: Which is Better, Starkscan or Voyager?

Looking for the best Starknet explorer? Compare Starkscan and Voyager to find out which one suits developers and data enthusiasts best.
Starknet Ecosystem
Apr 15, 2024

Be The First To Know

Subscribe now and receive monthly updates and interesting news about Braavos and Starknet ecosystem.