Saturday, 04 July 2020

Neo Launches Vulnerability Bounty Program, Top Prize of $10,000 in Neo

NEO launched a new vulnerability bounty program. The rewards for finding system vulnerabilities range from $500 up to $10,000 which will be paid in NEO equivalents.

NEO officially launched its vulnerability bounty program today, offering up to $10,000 for to the top prize developers who find critical issues in the network. Citing security as one of its top concerns, NEO said that it had rewarded several developers who found problems in the system in the past two years of mainnet launch. The new bounty program reiterates the network’s dedication towards proactive security measures and helping developers contribute to NEO.

What Does the Bounty Entail?

NEO informed that anyone who has found a potential vulnerability in the system could send their report to This email address is being protected from spambots. You need JavaScript enabled to view it.. The report will be investigated by the team and fixed as soon as possible. It also mentioned the China Cybersecurity Week (September 17 to 24) which is running in its 5th year now. The new Vulnerability Bounty Program has been timed with the Cybersecurity Week to highlight NEO’s support for government policy and the state’s policy of network security as it is a China-incubated open-source project.

Individuals and teams can participate in the bounty by visiting this page

Program Rules and Rewards

The NEO R&D team will evaluate all vulnerabilities depending on their influence, severity and other dimensions. The team will issue its first response in 5 business days, followed by another 5 days for triage. The feedback will be updated regularly on NEO’s social media and website. After the official announcement, rewards will take 3 days for distribution.

During the program, vulnerabilities related to the security and stability of design and implementation will be accepted. The bounty hunters must also send detailed reproduction reports to the team. If two or more people report the same vulnerability, the reward will be given to the first submitter. Moreover, it will count serial vulnerabilities as one vulnerability. The scope of the program will extend to neo, neo-vm, neo-compiler, neo-cli, neo-gui, neo-devpack-dotnet, and neo-plugins.

Rewards for the program will depend on the severity of the vulnerability. Critical issues will be paid up to $10,000, and high severity issues will be paid up to $5,000. Medium and Low severity issues will be paid up to $2,000 and $500 respectively. All rewards will be paid in NEO equivalents. It can also increase the rewards if deemed suitable.

Legal disclaimer: The insight, recommendations and analysis presented here are based on corporate filings, current events, interviews, corporate press releases, and what we've learned as financial journalists. They are presented for the purposes of general information only, and all the information belongs to the original publishers. These may contain errors and we make no promises as to the accuracy or usefulness of the information we present. You should not make any investment decision based solely on what you read here.

Creamcoin Marketcap