You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Gizem
ef4922a0bb
|
5 years ago | |
---|---|---|
bls_key_util | 5 years ago | |
engineering-excellence | 5 years ago | |
git-cheat-sheet | 6 years ago | |
harmony-signing | 5 years ago | |
LICENSE | 6 years ago | |
README.md | 5 years ago |
README.md
Harmony Open
Open-participation projects for Harmony. Propose, rally, build, reap!
Welcome to Harmony Stake Heist
Stake Heist is Harmony's adversarial hacking competition that will take place before open staking launch. We are collaborating with Gitcoin and will launch the competition on 6th of April. We currently expect competition to go for 2 weeks, but also likely to have some extensions.
What are the bounties?
There are two categories of bounties in Stake Heist:
- [Exploit] (https://github.com/harmony-one/harmony/labels/exploit): These bounties help us identify vulnerabilities in our design and code. These are open ended and usually include attack vectors and exploits.
- Since these bounties are open ended and difficult to pre-define, they will have a tiered prize mechanism.
- [Project] (https://github.com/harmony-one/harmony/labels/project): These bounties are projects that are useful for validators and delegators in staking. The requirements for these bounties are more clear (compared to exploits).
Prizes and judging criteria
Submission and reset process
For exploits:
1. an issue is opened with valid submission criteria and evidence
2. Bounty submission to be a valid by Harmony team: each submission to tagged as valid/invalid within 6 hours of submission
3. If network is affected, network should be relaunched / reverted within 3 hours
4. Share post-attack announcement: Attack performed and details (github link), ETA on network relaunch (if applicable), CTA for participants
5. Relaunch / upgrade coordination with participants
6. Recurring or similar bounties will not be rewarded, hackers should assume valid exploits that are submitted as out-of-scope until further notice (unless the exploit is performed in a distinctive way)
Terms
Last but not least
Be sure to STAR our open source project before you start working on the bounty! Happy Hacking!