• The Informer Post
  • Posts
  • Tron (TRX) Tightens Code, Hands Hackers $25,000 in Bug Bounties

Tron (TRX) Tightens Code, Hands Hackers $25,000 in Bug Bounties

Tron’s new bug bounty program is paying off.

Since launching at the end of May, Tron has handed out $25,000 to ethical hackers who have identified vulnerabilities on its new blockchain, according to HackerOne.

The platform is now offering payouts for $50,000, $10,000 and $6,000 based on the severity of the bug. Here’s the breakdown:

Critical – $50,000

  • bugs which can take control of java-tron nodes by remote execution of any code

  • bugs which can lead to private key leakage

High – $10,000

  • bugs which can incur Denial of Service (DoS) in java-tron through P2P network

  • bugs which can incur Denial of Service (DoS) in java-tron through RPC-API

Medium – $6,000

  • bugs which can incur Denial of Service (DoS) in java-tron through TRON Protocol

  • bugs allowing unauthorized operations on user accounts

In addition, hackers who find low priority bugs can earn $100. At this point, only bugs found in the java-tron code repositories are eligible for bounties.

Issues with tronscan.org, tron.network and tronlab.com do not have any bounties associated with them, although Tron is encouraging people to report issues if they find any.

To report bugs, you can contact the Tron team through HackerOne and include:

  • The source of the bug, e.g. tronprotocol/java-tron

  • Your personal assessment of the severity of the bug as medium/high/critical

  • A summary of the bug

  • A detailed description of the bug

  • Instructions to recreate the bug

  • Other supplementary materials such as proof of concepts, source code, screenshots or logs

Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.