Zircuit
  • Introduction
  • Frequently Asked Questions (FAQ)
  • Tokenomics
    • Zircuit Token (ZRC)
    • Bridging ZRC to Zircuit
  • Build on Zircuit
    • Quick Start
    • Deploy on Zircuit
    • Zircuit LST/LRT Liquidity Hub
  • Architecture and Concepts
    • Architecture
      • Modular Prover Design
      • Template Proofs
      • Versions and Updates
    • Concepts
    • Sequencer Level Security (SLS)
    • Gas Pricing and Transaction Fees
    • Transaction Statuses
    • Supported Transaction Types
  • Research
    • Research
    • Publications and Grants
    • Talks and Panels
  • Dev Tools
    • Block Explorer
    • RPC Endpoints
    • Bridge
    • Verifying Contracts
    • ERC20 Tokens with Zircuit Canonical Bridge
    • Development Frameworks
    • CREATE2 Deployments
    • Oracles
    • Indexing and Subgraph
    • Relayers
    • Unsupported Opcodes
    • Precompiles
    • L1 Data Fee Calculation
  • Smart Contracts
    • L1 Contracts
    • L2 Contracts
    • Contract Addresses
    • Bridged Token Addresses
  • Security
    • Security
    • Privileged Roles
    • Bug Bounty
    • Audit Reports
  • Garfield Testnet
    • Garfield Testnet Quick Start
    • Garfield Testnet Bridging Prerequisites
      • Adding the Sepolia Network To Metamask
      • Adding The Zircuit Garfield Testnet Network To Metamask
      • Connecting Metamask To Zircuit’s Bridge
    • Deploy on the Zircuit Garfield Testnet
    • RPC Endpoints
    • Block Explorer
    • Verifying Contracts
    • Bridge
    • Faucet
    • Differences & Limitations
    • Contract Addresses
  • (DEPRECATED) Legacy Testnet
    • Legacy Testnet Quick Start
    • Legacy Testnet Bridging Prerequisites
      • Adding The Sepolia Network To Metamask
      • Adding The Zircuit Legacy Testnet Network To Metamask
      • Connecting Metamask To Zircuit’s Bridge
    • Deploy on the Legacy Zircuit Testnet
    • RPC Endpoints
    • Block Explorer
    • Verifying Contracts
    • Bridge
    • Faucet
    • Contract Addresses
  • Bridging Step-by-Step
    • Prequisites
      • Adding The Zircuit Network To Metamask
    • Bridging From Sepolia To Zircuit
    • Bridging From Zircuit To Sepolia
    • Completing Withdrawals From Zircuit
    • Bridging ERC20 Tokens Manually
    • Binance Web3 Wallet Task Tutorial
      • Binance Web3 Wallet Tutorial: Bridging back to Ethereum
    • Exploring Bridging Behaviors with EIP-7702
Powered by GitBook
On this page
  1. Security

Bug Bounty

We are committed to maintaining the highest security standards for our systems and our users. As part of this commitment, we are announcing the following Bug Bounty Program, detailed below. This program is designed to encourage and reward security researchers and ethical hackers for identifying and reporting potential security vulnerabilities in our systems.

Scope:

We welcome submissions that identify vulnerabilities in our smart contracts, web applications, and APIs. Submissions should focus on finding significant security issues that could potentially impact the integrity or availability of our data, or users' funds and data.

Rewards:

For smart contract vulnerabilities:

  • Critical - up to $100,000 USDC

  • High - up to $50,000 USDC

  • Medium - up to $10,000 USDC

  • Low - up to $5,000 USDC

For web vulnerabilities:

  • Critical - up to $10,000 USDC

  • High - up to $5,000 USDC

  • Medium - up to $2,000 USDC

  • Low - up to $500 USDC

Rules:

  • Do not engage in any activity that can harm Zircuit or its users.

  • Provide us with a reasonable amount of time to fix the issue before any public disclosure.

  • Do not exploit any vulnerability you find for any reason.

  • Adhere to all applicable laws and regulations.

Legal:

Participation in our Bug Bounty Program is subject to our terms and conditions. By submitting a report, you agree to these terms, which include confidentiality provisions and a release of claims against Zircuit.

Submission:

PreviousPrivileged RolesNextAudit Reports

Last updated 10 months ago

Bug submissions can be disclosed to .

bugbounty@zircuit.com