Open-source development is core to the ethos of Chainlink, as it’s not only an open-source technology itself but it has been continually improved thanks to active contributions from the larger blockchain community. We’re thrilled to announce that Chainlink has launched a formal bug bounty program on Gitcoin, with large financial support (over $100k in LINK) from our recently released Chainlink Community Grant Program. We’re excited to be providing Gitcoin and developers with premium/above average bounties to help secure the Chainlink Network.
To take part in the Bug Bounty Program on Gitcoin:
- Check out the Onboarding Page to join: https://gitcoin.co/hackathon/chainlink-bug-bounty/onboard
- Refer to the Bounties Page to learn more details: https://gitcoin.co/issue/smartcontractkit/chainlink/3239/100023497
The goal of Chainlink’s Bug Bounty Program on Gitcoin is to work even more closely with the open-source community that has built and helps secure Ethereum and many of the DeFi applications running on Ethereum that already use Chainlink. Working together with the Gitcoin community will help make Chainlink’s core infrastructure even more resilient and tamper-proof, allowing it to keep Chainlink, DeFi, and its many user funds safe, as well as help Chainlink secure even more value for DeFi and various other universally connected smart contracts.
By responsibly disclosing any potential vulnerabilities, you’re helping support Chainlink’s open source security guarantees, and you can earn between $250-$5000 in LINK with a 2X bounty multiplier until September 30th, for a maximum bounty prize of up to $50,000. Bounties will be paid out directly on the GitCoin platform in LINK, allocated from the Chainlink Community Grant Program, with additional bounties continuing to be paid out over time after September 30th. A total of $100k in LINK has already been allocated and sent into Gitcoin for this program.
We’re most interested in mitigating any potential vulnerabilities surrounding the Solidity-based smart contracts and Golang/TypeScript based Chainlink core node software. Issues related to a loss of funds for the node operator or requester will take the highest bounty rewards.
The innovative and astute community around Gitcoin has added tremendous value to the entire Ethereum space, and we are looking forward to the talented Gitcoin developer community contributing to both Chainlink’s security and therefore security across DeFi. We’re excited to devote resources to continually increase the security of the Chainlink Network through Gitcoin and many other future bounty programs from the Chainlink Community Grant Program.
This bug bounty program on Gitcoin will act as an expansion to our long-running bug bounty program on hacker.one, which is still ongoing and which we invite Hacker One community members to contribute to as well. Together with Gitcoin’s help, we’ll be able to get as many eyes on the Chainlink source code as possible, allowing us to take full advantage of the of open source software’s ability to have multiple independent reviewers, further hardening the Chainlink protocol, as it continues to scale up and continually improve to secure the rapidly growing DeFi ecosystem.