State Guardian Network Bug Bounty (Preview)
Celer Network’s State Guardian Network has not been covered by any existing bug bounty before. We are planning to launch a new bug bounty program focusing on the State Guardian Network code base soon. This page contains the reward information for this future bounty program and basic criteria of the bounty.
We encourage early and responsible disclosure of vulnerability and will carry out good faith payout in either stable tokens or equivalent amount of CELR tokens, but please do note that this bounty is not officially launched and the scope of each category is subject to adjustment. Therefore, we reserve the right to interpret the scope and potentially lower the payout amount on a case-by-case basis during the pre-launch phase.
RewardsFor the rewards, payment can be in mainstream stable tokens or equivalent amounts of CELR tokens solely based on the discretion of the bounty issuer. The reward payout will be done within 180 days of the confirmation of the report.
Without compromising any validator, the attacker can make fake events (e.g., token or message bridge events and staking events) accepted and signed by the majority of the validators.
Without compromising any validator, the attacker can break the integrity of cross-chain token and message bridge, i.e., bridge incorrect tokens or messages across chains.
Without compromising any validator, the attacker can cause permanent loss of funds for users.
Without compromising any validator, the attacker can permanently halt the chain without any possibility of recovery.
Without compromising any validator, make a governance proposal pass without votes from the quorum of the validators’s stake.
Attacks that would be critical if one or more validators, together holding less than ⅓ of the stake, are compromised.
Attacks that would be critical but are very capital-intensive to carry out.
Without compromising any validator, halt the chain for an extended period of time.
With one validator being compromised, halt the chain for an extended period of time.
Cryptographic implementation flaws with limited impact.
Out of Scope and Rules
The following vulnerabilities are excluded from the rewards for this bug bounty program:
Attacks with root causes that are not in the SGN codebase.
Attacks that the reporter has already exploited themselves, leading to damage
Attacks requiring access to leaked any directly keys/credentials
Attacks requiring access to privileged addresses (governance, strategist)
Smart Contracts and Blockchain
Incorrect data supplied by third party oracles
Not to exclude oracle manipulation/flash loan attacks
Basic economic governance attacks (e.g. majority stake attack)
Lack of liquidity
Best practice critiques
The following activities are prohibited by this bug bounty program:
Any testing with mainnet or public testnet contracts; all testing should be done on private testnets
Any testing with pricing oracles or third party smart contracts
Attempting phishing or other social engineering attacks against our employees and/or customers
Any testing with third party systems and applications (e.g. browser extensions) as well as websites (e.g. SSO providers, advertising networks)
Any denial of service attacks
Automated testing of services that generates significant amounts of traffic
Public disclosure of an unpatched vulnerability in an embargoed bounty
Report SubmissionPlease send a plain-text email detailing the issue and steps to reproduce to email@example.com.