Development resources at your finger tips
Build with the coolest Web3 projects
Recurring funding for Open Source
Learn about Web3 & earn rewards
Show appreciation for each other
Meet fellow developers, designers, futurists and more. Collaborate and BUIDL awesome projects together.
Discover great web3 organizations, work on meaningful projects and build relationships with like minded people. Browse Tribes
Meet the top hunters and contributors from our community.
Heya Gitcoiners & Gitcoinerettes! They say that July is the warmest month of the year (location depending), and we’re definitely getting ready fo…
Howdy, Gitcoiners! This month we’re running hackathons, we launched Grants Round 6 (which we just tweaked big time btw), we’re building, we’re improv…
Gitcoin is GDPR complaint. Learn more in
Gitcoin's Terms & Conditions.
Check out the Issue Explorer
Looking to fund some work? You can submit a new Funded Issue here.
This bounty is inspired by [The broken EIP security incentive](https://medium.com/@decanus/the-broken-eip-security-incentive-71fbdf25ab02).
This is a bounty worth up to 20 ETH for any Istanbul Hard Fork EIP
- that has been accepted into the Istanbul HardFork by the core devs.
- that you can find a *critical* security hole in.
Severity is judged by the OWASP model, as my discretion:
Payouts will be as follows:
* Critical: 20 ETH, subject to exponential decay conditions set below.
* High: 5 ETH, subject to exponential decay conditions set below.
* Medium: Gitcoin Kudos
* Low: Gitcoin Kudos
* Note: Gitcoin Kudos
# Bounty Payout Exponential Decay
In order to incentivize the community to find bugs in the EIPs *early*, I will be applying the following exponential decay to the bounty payouts.
* May 15th (when EIPs are finalized for Istanbul) -- 100% payout (20 ETH)
* Instalbul Hard Fork Date (which I'm told is in the Fall sometime) - 25% payout (5 ETH)
The decay curve of the bounty is visualized via this curve, which I have lifted from [this post](https://medium.com/@decanus/the-broken-eip-security-incentive-71fbdf25ab02):
# Other terms
* If you are a funder who would like to increase the incentive for this bounty to be solved early, and would like to do so by contributing to this bounty, please use the "contribute funds" feature on Gitcoin.
* I will pay out the bounty with my funds once. If subsequent bugs are found in other EIPs, we will have to crowdfund the payouts.
* Bounty must be claimed by a security researcher who is not an author of the EIP, and has not colluded with the EIP authors in any way. If collusion is detected, then any claims on the bounty by colluders are null & void.
* Happy Bug Hunting