Home
Welcome to the Improvement-Bounty!
To show some appreciation for external and internal contributions, EigenPhi maintains a Bug and Improvement Bounty Program that designed to reward responsible disclosure of qualifying bugs and improvements regarding our new tool “EigenTx”. EigenTx is a public-facing data visualization tool on various chains, which aims to help understand the details of any on-chain transactions, whether straightforward or complex.
EigenPhi, a blockchain-native Defi search engine for all players that provides real-time multilayer token-flow browser and contextualized trading strategy analytics is glad to introduce the Bug bounty. A continuation of the series of bounty programs created for both our certified and prospective members.
Responsible Disclosure Policy
You disclose responsibly if you:
- Give us a reasonable amount of time before disclosing the vulnerability publicly.
- Make a good faith effort to not interrupt or degrade our service.
- Do your best to follow these guidelines in discovering and disclosing a vulnerability, we will not take any legal action against you. We will do our best to respond to your submission as quickly as possible, keep you updated on the fix, and award a bounty where appropriate.
Bounty Duration
The duration of the Bug bounty competition is as follows: 12 PM EDT, Sep 16th -- 12 PM EDT, Sep 30th.
Rules To Follow
Adhere to the Responsible Disclosure Policy above.
All participants MUST follow all the social media platforms of EigenPhi to qualify for rewards.
Do not attempt to hack any of EigenPhi's social media or products.
Report only original and previously undisclosed bugs.
Do not disclose a bug publicly before it has been fixed.
Do not use scanners or automated tools to find bugs.
Do not attempt non-technical attacks such as social engineering, phishing, or physical attacks against our employees, users, or infrastructure.
Do not attack the reliability or integrity of our services (e.g, no DDoS attacks, blackhat SEO techniques, spamming, or similar questionable acts).
Employees of EigenPhi and its subsidiaries are ineligible.
If you have any doubts or questions, join our [Discord](https://discord.io/EigenPhi) and ask to speak with an admin.
Eligible Entries - In Scope Vulnerabilities
The scope of the assets for Bug&Improvement bounty will not be limited.
Bug Bounty: Any bugs in the use of EigenTx.
Improvement Bounty: Advice of EigenTx, any new function requirements related to EgienTx, etc.
Ineligible Entries
We do not reward bounties for any vulnerabilities not under our direct control. For example:
- Issues requiring physical access to hardware
- Denial of Service
- Vulnerabilities in 3rd party software
- Social engineering
- Usability issues etc.
Apply using the form below:
Bug Bounty: [Apply here](https://docs.google.com/forms/d/e/1FAIpQLScNRYINF2q5pBQgQCmdljIHjfMrjaEqeUqQTJgTzBq-Agu-9A/viewform)
Improvement Bounty: [Apply here](https://github.com/eigenphi/Improvement-Bounty/wiki/The-EigenPhi-Bug-and-Improvement-Bounty)
Reward Structure
🐞For Bug Bounty
The prize will be distributed among all winning participants and the quantity of rewards awarded will vary depending on the Serverity e.g. Critical, High, Medium, Low.
NB: Stakes will be assigned at first to winning entries depending on the quality of the submission and rewards will follow afterwards.
Rewards will be assigned based on:
Quality of description: Higher rewards are paid for clear, well-written submissions.
🏆For Improvement Bounty
A prize pool of $500 will be distributed based on the votes of all users. There will be 11 winners in total! Please see below the breakdown of the Improvement Bounty rewards:
1st: $150
2nd: $100
3rd: $50
4th-11th: $25
Winners will be announced after the end of the Bug and Improvement bounty. Instructions on how to receive rewards will be made available to all winners!