In brief:
The team at Chainlink has announced that the project will be expanding its Bug bounty program to ‘provide $100,000 in cash or LINK for the responsible disclosure of critical vulnerabilities in the Chainlink codebase’. Additionally, the Chainlink bug bounties will be available via Gitcoin and Hackerone.
The expansion of the Chainlink bug bounty program will support individual developers and security engineering teams who have continually aided in the resilience and robustness of the network. The team further explained that the developer and security communities were an essential cog in guaranteeing the safety of the Chainlink infrastructure.
The primary goal of expanding the Chainlink Bug Bounty Program is to both increase our support of the whitehat developer and security community for their continuous hard work, as well as ensure Chainlink’s core infrastructure can become even more robust and resilient against potential vulnerabilities.
As the most widely used decentralized oracle solution in the smart contract space, we take security measures extremely seriously, and are always looking to increase the number of eyes that are reviewing the Chainlink codebase as a means of further protecting user funds and the DeFi ecosystem as a whole.
The team at Chainlink further highlighted the following areas of interest for the investigation of bugs.
To note is that bugs affecting a Chainlink node through a publicly available surface will be eligible for an additional bonus through the bug bounty program.