Yuga Launches Public Bug Bounty Program
Yuga Devs
5 minutes

Yuga Launches Public Bug Bounty Program

The bounty program will reward hackers who responsibility disclose vulnerabilities with rewards of up to $50,000

Today, Yuga has opened its bounty program through HackerOne to the public. We care deeply about the security of our community, which is why we’ve been running this program on an invite only basis with a network of 800+ responsible hackers helping us identify and resolve security vulnerabilities since July. 

Now, we want to open the program to anyone, giving you the opportunity to earn rewards up to $50,000 for valid vulnerability reports that impact our services, websites, social accounts, and Discord servers. Helping us uncover anything that can cause disruption to our community – like taking over, manipulating content, or injecting arbitrary code into our websites – will result in a payout. 

The payout criteria is as follows: 

  • Low severity issues: $250-$1,000
  • Medium severity issues: $1,000-$5,000
  • High severity issues: $5,000-$25,000
  • Critical severity issues: $25,000-$50,000

To mark the public launch of the program we’re running a bonus campaign through December 26: 

  • Low severity issues: $670-$1,420
  • Medium severity issues: $2,000-$6,000
  • High severity issues: $7,500-$27,500
  • Critical severity issues: $30,000-$55,000

We invite you to join us!

For full program details and information on how to participate, visit: https://hackerone.com/yuga_labs.