Strengthen Nimiq's security, earn rewards.
This is an extension of the Bug Bounty Program for Nimiq Proof-of-Work.
Nimiq is a simple, secure and censorship-resistant payment protocol, native to the web. We are now focusing on strengthening our Zero Knowledge Proof Circuit Design and Implementation. We look forward to working with the community to find security vulnerabilities in this specific area to keep our protocol as safe as possible.
Nimiq will make a best effort to meet the following SLAs for hackers participating in our program:
We’ll try to keep you informed about our progress throughout the process.
|Zero Knowledge Proof Circuit Design and Implementation||$3'000||$1'000||$500||$200|
Our rewards are based on severity per CVSS (the Common Vulnerability Scoring Standard). Please note these are general guidelines, and that reward decisions are up to the discretion of Nimiq. All payouts are made in BTC or NIM equivalent at time of payment.
Zero Knowledge Proof Circuit Design and Implementation: Source Code
We are focusing on identifying and resolving vulnerabilities specific to our Zero Knowledge Proof Circuit Design and Implementation. In particular, we are interested in:
Please refer to the source code for insights into potential exploits. Your reports should focus on these areas, and any submissions outside these specific subjects will be considered out of scope.
NOTE: When reporting vulnerabilities, please consider (1) attack scenario / exploitability, and (2) security impact of the bug.
By subscribing to this list, please be assured that you will not be receiving our regular newsletters or any other promotional content. This mailing list is solely dedicated to providing notifications and updates about our ongoing Bug Bounty Program.
In the coming months, we will be expanding the program and adding new items to the "In Scope" section. Your continued support, participation, and vigilance are critical to the security and success of Nimiq. By staying connected through this mailing list, you'll be the first to know about any additions or changes in our bug bounty activities.
We greatly appreciate your support and cooperation in keeping Nimiq secure.
Input your email to subscribe to the Bug Bounty Program Mailing List
None of the statements must be viewed as an endorsement or recommendation for Nimiq, any cryptocurrency, or investment product. Neither the information, nor any opinion contained herein constitutes a solicitation or offer by the creators or participants to buy or sell any securities or other financial instruments or provide any investment advice or service. All statements contained in statements made in Nimiq’s web pages, blogs, social media, press releases, or in any place accessible by the public, and oral statements that may be made by Nimiq or project associates that are not statements of historical fact, constitute “forward-looking statements”. These forward-looking statements involve known and unknown risks, uncertainties, and other factors that may cause the actual future results, performance, or achievements to be materially different from any future results, performance, or achievements expected, expressed, or implied by such forward-looking statements.