PIVX Collaborates With HackerOne to Launch Bug Bounty Program
PIVX, a privacy-focused and open source blockchain project, has announced a bug bounty program aimed at securing the PIVX network against theft and attacks.
The program has been launched in conjunction with HackerOne and is intended to identify and fix security issues affecting the PIVX blockchain protocol and its implementation. The program is currently an invite-only but will be made public in the coming days.
The company said in a blog post:
“Privacy is the top priority for PIVX and this should be reflected in all areas of our work. With the growing adoption (and value) of PIVX, a dedicated security program and reporting process to handle security-related events is mandatory. This is especially hard to accomplish for a completely decentralized & open source project.”
According to the report, the rewards will be based upon the critical level of the vulnerabilities. A system called the Common Vulnerability Scoring System is used to give threats a score between 1 and 10. PIVX is offering at least $5,000 for critical vulnerabilities and $200 for low-level threats. A “bug bounty panel” exists to decide the appropriate rewards for reports that end up in the middle.
“We start with at least $5,000 for critical (9.0–10.0) vulnerabilities in the core PIVX implementation. We can upgrade the reward with a bonus on top. The reward for vulnerabilities with a low CVSS score (0.1–3.9) is $200,” the report stated.
Interested developers should review the scope of PIVX Bug Bounty, including how to submit potential bugs, available on the hackerone website https://hackerone.com/pivx-project/.