Open: Bounty #7 - Bug Bounty Bug Bounties - #7

Current Status: Discussion

  • Discussion (01/03/2022)

  • Ratification

  • Open

Bounty Details

  • Current Bounty Account: 40 ICP

  • Project Type: Ongoing

  • Opened: 01/03/2021

  • Time Commitment: Days

  • Experience Type: Intermediate - Motoko; Intermediate - Web Dev

  • Issue Type: Bug Bounty


This bounty gives the opportunity to

  • learn about the Issues ICDevs has funded

  • learn about motoko, rust, and IC Development funds bounties that are completed by the community. It is often difficult to get developers to review and critique pull requests. This Bounty provides funds to incentivize those developers.

This bounty follows the taxonomy listed at Bugcrowd’s Vulnerability Rating Taxonomy - Bugcrowd. Bounties are paid out on the following schedule:

  • P1: 50% of fund

  • P2: 25% of fund

  • P3: 10% of fund

  • P4: 5% of fund

  • P5: 1% of fund

  • Other: At ICDevs Discretion

To claim the award you must notify of the bug. If the bug has security or data implications will work with you to notify the project owner of the bug and to find a solution. Once the bug has been addressed the person claiming the bounty will need to write a post-mortem issue as an issue on the source control application(ie github) explaining how they found the bug, the implications of the bug, and the resolution that was created.

Applicable Projects

Ongoing Bounty

This is an ongoing bounty and will stay open and available as long as there are funds in the bounty account.


The bounty was generously funded by the community and a Foundation Accelerator of 20 more ICP. If you would like to turbocharge this bounty you can seed additional donations of ICP to 6e3f1641fd3db4c52b4d06f5d035853fbc37e544c8a4fb99f6f1e187f88c8298. ICDevs will match the bounty 1:1 for the first 20 ICP and then 0.25:1 after that. All donations will be tax-deductible for US Citizens and Corporations. If you send a donation and need a donation receipt, please email the hash of your donation transaction, physical address, and name to More information about how you can contribute can be found at our donations page.


Acclerator Fund: - 20 ICP Direct


The Bug Bounty needs to be steadily refreshed with value. In order to do this we need endowments of the bug bounty from individual developers, companies, and DAOs in the IC Ecosystem. An endowment can be of any size, but we recommend at least 100 ICP. 20% of an endowment will be immediately put into the Bug Bounty Fund and the remaining 80% will be contributed to the Bug Bounty Neuron, an 8 year locked neuron. 2/3 of the proceeds of this neuron will fund the Bug Bounty and the remaining 1/3 will be contributed to the general endowment neuron that funds other ICDevs activities.

Other Bounties