RSK Bug Bounty Program Submission
For full details on the bounty program please visit
Note: You may provide a pseudonym, however it makes you ineligible for BTC rewards unless you choose to donate your bounty reward to charity.
Example: Remote Denial-of-service using non-validated blocks.
Example: An attacker can send blocks which may require a high amount of computation (the maximum gasLimit) but has no proof-of-work. If the attacker sends blocks continuously, the attacker may force the victim node to 100% CPU utilization.
Software components & affected versions
Example: rskj client version v0.4.0
Instructions to reproduce
Example: Send a block to a testnet node which contains many txs but no valid PoW. Or better send a file with reproduction details or a working proof of concept.
Any other details not covered.
Never submit passwords through Google Forms.
This form was created inside of RSK.
Terms of Service