In any complete decentralized network, security is paramount. Building a strong security network has always been one of the core goals of the Filecoin project’s inception. Filecoin’s consensus mechanism (such as proof of replication and proof of space and time), the establishment of strong security habits, and the development of secure code are measures to ensure the security and reliability of the Filecoin network system.
Recently, as the preparation for the FVM M1 version upgrade in May, the Filecoin Virtual Machine team invited bug hunters and community developers to help find vulnerabilities in the FVM M1 codebase, also known as the “FVM Bug Bounty Program”.
Since this is a brand new codebase, the Filecoin VM team is primarily concerned about inviting more external developers to review the M1 codebase for potential bugs. At the same time, it also gives the Filecoin community an opportunity to explore how FVM is implemented in order to provide valuable feedback.
In the FVM Bug Bounty Program, individuals who report security vulnerabilities are eligible for bug bounties, the amount of which is determined based on the severity of the reported vulnerability. Here are the points reporters can get for reporting vulnerabilities:
l Key: Up to 100,000 points
l High: Up to 50,000 points
l Medium: Up to 15,000 points
l Low: Up to 2,500 points
Currently 1 point = 1 USD (paid in USD, DAI or FIL).
High-quality written descriptions, test code, scripts, and detailed instructions for reported vulnerabilities, along with well-documented fixing measures, will be a great help to get higher rewards.