Ruka kwenda kwenye maudhui makuu

Wazi kwa mawasilisho

Safu ya makubaliano na zawadi za wadudu

Jishindie mpaka USD 50,0000 na nafasi katika ubao wa viongozi kwa kutafuta hitalafu za safu ya makubaliano na programu.

Wasilisha mdudu(opens in a new tab)Soma maelekezo
  • 1
    In place number 1 with 46100 pointsGuido Vranken (See Github Profile)(opens in a new tab)
    46100 pointi
  • 2
    In place number 2 with 42400 pointsprotolambda (See Github Profile)(opens in a new tab)
    42400 pointi
  • 3
    In place number 3 with 40000 pointsMartin Holst Swende (See Github Profile)(opens in a new tab)
    40000 pointi
  • 4
    In place number 4 with 35000 pointsSam Sun (See Github Profile)(opens in a new tab)
    35000 pointi
  • 5
    In place number 5 with 31000 pointsnrv (@nervoir)
    31000 pointi
Tazama ubao kamili wa wanaoongoza

Wateja walioangaziwa kwenye zawadi

Wadudu waliokubaliwa

Mpango huu wa fadhila za hitilafu unalenga kutafuta hitilafu katika vipimo vya msingi safu ya makubaliano ya Mnyororo Kioleza na utekelezaji wa mteja wa Lighthouse, Nimbus, Teku na Prysm.

Hitilafu za ubainishaji wa mnyororo kioleza

Mnyororo Kioleza hutoa maelezo ya vipimo vyenye mantiki ya uundaji na mabadiliko pendekezwa kwenye Ethereum kupitia maboresho ya mnyororo kioleza.

Soma vipimo kamili(opens in a new tab)
Execution Layer Specifications(opens in a new tab)

Itakuwa vizuri kuangalia maelezo yafuatayo:

Aina za hitalafu

  • Hitimisho kuvunja wadudu
  • Visababishi vya kunyimwa huduma (DOS)
  • Kutofautiana kwa dhana, kama vile hali ambapo wathibitishaji waaminifu wanaweza kupunguzwa
  • Hesabu au kutofautiana kwa uthabiti

Nyaraka za vipimo

Mlolongo wa beacon(opens in a new tab)
Chaguzi la njia panda(opens in a new tab)
Mkataba wa amana wa Solidity(opens in a new tab)
Mtandao wa rika-kwa-rika(opens in a new tab)

Wadudu wa programu ya safu ya makubaliano

Wateja wataendesha mnyororo kioleza mara maboresho yatakapozinduliwa. Wateja watafuata mantiki iliyowekwa mahususi na kua salama dhidi ya mashambulizi. wadudu tunaotaka kupata ni wale wanaohusiana na utekelezaji wa itifaki.

Kwa sasa Lighthouse, Nimbus, Teku, na Prysm weanastahiki zawadi. Lodestar i8nastaahiki zawadi pia, lakini mpaka ukaguzi wa kina utakapofanyika pointi zao na zawadi zitakuwa asilimia kumi tu. ( malipo ya juu ni DAI 5,000). Wateja/Programu zingine zitaogezwa iwapo ukaguzi utafanyika na kuwa tayari kwa uzalishaji.

Aina za hitalafu

  • Vipimo na masuala yasiyo ya kufuata
  • Ajali zisizotarajiwa au kunyimwa kwa udhaifu wa huduma
  • Masuala yoyote yanayosababisha makubaliano yasiyoweza kurekebishwa hugawanyika kutoka kwa mtandao wote

Viungo vya kusaidia

Besu(opens in a new tab)
Erigon(opens in a new tab)
Geth(opens in a new tab)
Lighthouse(opens in a new tab)
Lodestar(opens in a new tab)
Nimbus(opens in a new tab)
Nethermind(opens in a new tab)
Prysm(opens in a new tab)
Teku(opens in a new tab)

Solidity bugs

See the Solidity SECURITY.MD for more details about what is included in this scope.

Solidity does not hold security guarantees regarding compilation of untrusted input – and we do not issue rewards for crashes of the solc compiler on maliciously generated data.

Viungo vya kusaidia

SECURITY.md(opens in a new tab)

Deposit Contract bugs

The specifications and source code of the Beacon Chain Deposit Contract is part of the bug bounty program.

Viungo vya kusaidia

Deposit Contract Specifications(opens in a new tab)
Deposit Contract Source Code(opens in a new tab)

Haijajumuishwa

Muungano na maboresho ya mnyororo wa kigae viko kwenye hatua ya uundwaji na bado havijajumuishwa kama sehemu ya programu ya fadhila.

Wasilisha mdudu

Kwa kila hitilafu utakaoipata utapata pointi. Kwa kila pointi utakayopata itategemea ukali wa hitilafu. Hitilafu za Lodestar zinazawadiwa asilimia 10 ya pointi zilizoorodheshwa hapo chini, mpaka ukaguzi wa ziada utakapokamilika. Msingi wa Ethereum (EF) utaamua ukali wa hitilafu kwa kutmia mbinu ya OWASP. Angalia njia ya OWASP(opens in a new tab)

EF itatoa alama kulingana na:

Ubora wa maelezo: Zawadi za juu hulipwa kwa mawasilisho yaliyo wazi na yaliyoandikwa vizuri.

Ubora wa kuzaliana: Tafadhali jumuisha nambari ya jaribio, hati na maagizo ya kina. Kadiri inavyokuwa rahisi kwetu kuzaliana na kuthibitisha uwezekano wa kuathiriwa, ndivyo zawadi inavyoongezeka.

Ubora wa kurekebisha, kama umejumuishwa: Zawadi kubwa hulipwa kwa waliotoa maelezo yanayoeleweka juu ya kutatua tatizo.

Mpaka DAI 2,000

Chini

Mpaka DAI 2,000

Mpaka pointi 1,000

Ukali

  • Athari ya chini, uwezekano wa kati
  • Athari ya wastani, uwezekano mdogo

Mfano

Mshambulizi wakati mwingine anaweza kuweka nodi katika hali inayosababisha kuacha uthibitisho mmoja kati ya kila mia moja unaotolewa na kiidhinisha
Wasilisha hitilafu yenye hatari ndogo(opens in a new tab)
Mpaka DAI 10,000

Wastani

Mpaka DAI 10,000

Mpaka pointi 5,000

Ukali

  • Athari ya juu, uwezekano mdogo
  • Athari ya wastani, uwezekano wa kati
  • Athari ya chini, uwezekano wa juu

Mfano

Mshambulizi anaweza kufanya mashambulizi ya kupatwa kwa jua kwenye nodi kwa vitambulisho rika na baiti 4 zinazoongoza kwa sufuri
Wasilisha hitilafu ya hatari ya wastani(opens in a new tab)
Mpaka DAI 20,000

Juu

Mpaka DAI 20,000

Mpaka pointi 10,000

Ukali

  • Athari ya juu, uwezekano wa kati
  • Athari ya wastani, uwezekano wa juu

Mfano

Kuna hitilafu ya makubaliano kati ya wateja wawili, lakini ni vigumu au haiwezekani kwa mshambuliaji kuanzisha tukio.
Wasilisha hitilafu muhimu ya hatari(opens in a new tab)
Mpaka DAI 50,000

Muhimu

Mpaka DAI 50,000

Mpaka pointi 25,000

Ukali

  • Athari ya juu, uwezekano wa juu

Mfano

Kuna hitilafu ya makubaliano kati ya wateja wawili, lakini ni vigumu au haiwezekani kwa mshambuliaji kuanzisha tukio.
Wasilisha hitilafu muhimu ya hatari(opens in a new tab)

Sheria za utafutaji wadudu

Mpango wa zawadi za hitilafu ni mpango wa siri wa majaribio na wa hiari kwa jumuiya yetu inayotumika ya Ethereum ili kuwatia moyo na kuwatuza wale wanaosaidia kuboresha jukwaa. Sio mashindano.Unapaswa kujua kwamba tunaweza kuondoa programu wakati wowote, na tuzo ni kwa uamuzi wa kidirisha cha fadhila jukwaa la Ethereum.Kwa kuongezea, hatuwezi kutoa tuzo kwa watu ambao wako kwenye orodha ya vikwazo au ambao wako katika nchi zilizo kwenye orodha ya vikwazo. Mfano( Korea kaskazini, Iran, na nyingine). Unawajibika kwa ushuru wote. Tuzo zote ziko chini ya sheria inayotumika. Hatimaye, jaribio lako lazima lisikiuke sheria yoyote au kuathiri data yoyote ambayo si yako.

  • Masuala ambayo tayari yamewasilishwa na mtumiaji mwingine au tayari yanajulikana na wasimamizi wa mteja hayastahiki zawadi.
  • Ufichuaji hadharani wa athari huifanya isistahiki kupata faida.
  • Watafiti na wafanyakazi wa Msingi Ethereum na timu za programu za makubaliano hawastahiki zawadi.
  • Mpango wa fadhila wa Ethereum huzingatia idadi ya vigezo katika kuamua zawadi. Maamuzi ya kustahiki, alama na masharti yote yanayohusiana na tuzo ni kwa uamuzi wa mwisho wa Msingi wa jukwaa la Ethereum.

Execution Layer Bug Bounty leaderboard

Find execution layer bugs to get added to this leaderboard

  • 1
    In place number 1 with 37500 pointsMartin Holst Swende (See Github Profile)(opens in a new tab)
    37500 pointi
  • 2
    In place number 2 with 35000 pointsSam Sun (See Github Profile)(opens in a new tab)
    35000 pointi
  • 3
    In place number 3 with 31000 pointsnrv (@nervoir)
    31000 pointi
  • 4
    In place number 4 with 28250 pointsGuido Vranken (See Github Profile)(opens in a new tab)
    28250 pointi
  • 5
    In place number 5 with 23500 pointsChainSecurity (See Github Profile)(opens in a new tab)
    23500 pointi
  • 6
    In place number 6 with 20500 pointsJuno Im (See Github Profile)(opens in a new tab)
    20500 pointi
  • 7
    In place number 7 with 20000 pointsYoonho Kim (team Hithereum) (See Github Profile)(opens in a new tab)
    20000 pointi
  • 8
    In place number 8 with 20000 pointsJohn Youngseok Yang (Software Platform Lab) (See Github Profile)(opens in a new tab)
    20000 pointi
  • 9
    In place number 9 with 17000 pointsPeckShield (See Github Profile)(opens in a new tab)
    17000 pointi
  • 10
    In place number 10 with 15000 pointsItsUnixIKnowThis (See Github Profile)(opens in a new tab)
    15000 pointi
  • 11
    In place number 11 with 15000 pointsBertrand Masius (See Github Profile)(opens in a new tab)
    15000 pointi
  • 12
    In place number 12 with 13000 pointsBob Conan
    13000 pointi
  • 13
    In place number 13 with 12500 pointsTin (See Github Profile)(opens in a new tab)
    12500 pointi
  • 14
    In place number 14 with 12500 pointsRalph Pichler
    12500 pointi
  • 15
    In place number 15 with 11000 pointsŁukasz Matczak (See Github Profile)(opens in a new tab)
    11000 pointi
  • 16
    In place number 16 with 10000 pointsHeilman/Marcus/Goldberg
    10000 pointi
  • 17
    In place number 17 with 10000 pointsJonas Nick (See Github Profile)(opens in a new tab)
    10000 pointi
  • 18
    In place number 18 with 10000 pointsJohn Toman (See Github Profile)(opens in a new tab)
    10000 pointi
  • 19
    In place number 19 with 8000 pointsSebastian Henningsen
    8000 pointi
  • 20
    In place number 20 with 7500 pointsDominic Brütsch
    7500 pointi
  • 21
    In place number 21 with 5000 pointsHarry Roberts (See Github Profile)(opens in a new tab)
    5000 pointi
  • 22
    In place number 22 with 5000 pointsPeter Stöckli (See Github Profile)(opens in a new tab)
    5000 pointi
  • 23
    In place number 23 with 5000 pointsNeville Grech (See Github Profile)(opens in a new tab)
    5000 pointi
  • 24
    In place number 24 with 5000 pointsEthHead (See Github Profile)(opens in a new tab)
    5000 pointi
  • 25
    In place number 25 with 5000 pointsiosiro (See Github Profile)(opens in a new tab)
    5000 pointi
  • 26
    In place number 26 with 3500 pointsAlex Beregszaszi (See Github Profile)(opens in a new tab)
    3500 pointi
  • 27
    In place number 27 with 2500 pointsSergio Demian Lerner (See Github Profile)(opens in a new tab)
    2500 pointi
  • 28
    In place number 28 with 2500 pointsDaniel Perez (See Github Profile)(opens in a new tab)
    2500 pointi
  • 29
    In place number 29 with 2000 pointsYaron Velner (See Github Profile)(opens in a new tab)
    2000 pointi
  • 30
    In place number 30 with 2000 pointsWhit Jackson (See Github Profile)(opens in a new tab)
    2000 pointi
  • 31
    In place number 31 with 2000 pointsMing Chuan Lin
    2000 pointi
  • 32
    In place number 32 with 2000 pointsMelonport team (See Github Profile)(opens in a new tab)
    2000 pointi
  • 33
    In place number 33 with 2000 pointsMaurelian (See Github Profile)(opens in a new tab)
    2000 pointi
  • 34
    In place number 34 with 2000 pointsChristoph Jentzsch (See Github Profile)(opens in a new tab)
    2000 pointi
  • 35
    In place number 35 with 1500 pointsHwanjo Heo (See Github Profile)(opens in a new tab)
    1500 pointi
  • 36
    In place number 36 with 1500 pointsBlockTrident (See Github Profile)(opens in a new tab)
    1500 pointi
  • 37
    In place number 37 with 1200 pointsDVP (dvpnet.io) (See Github Profile)(opens in a new tab)
    1200 pointi
  • 38
    In place number 38 with 1000 pointsVasily Vasiliev
    1000 pointi
  • 39
    In place number 39 with 1000 pointstalko (See Github Profile)(opens in a new tab)
    1000 pointi
  • 40
    In place number 40 with 1000 pointsSteve Waldman (See Github Profile)(opens in a new tab)
    1000 pointi
  • 41
    In place number 41 with 1000 pointsPanu Kekäläinen (See Github Profile)(opens in a new tab)
    1000 pointi
  • 42
    In place number 42 with 1000 pointsJosselin Feist (See Github Profile)(opens in a new tab)
    1000 pointi
  • 43
    In place number 43 with 1000 pointsHenrit (See Github Profile)(opens in a new tab)
    1000 pointi
  • 44
    In place number 44 with 1000 pointsMarc Bartlett (See Github Profile)(opens in a new tab)
    1000 pointi
  • 45
    In place number 45 with 1000 pointsBarry Whitehat
    1000 pointi
  • 46
    In place number 46 with 1000 pointsLucas Ryan (See Github Profile)(opens in a new tab)
    1000 pointi
  • 47
    In place number 47 with 1000 pointsAlex Groce (See Github Profile)(opens in a new tab)
    1000 pointi
  • 48
    In place number 48 with 750 pointsDaniel Briskin (See Github Profile)(opens in a new tab)
    750 pointi
  • 49
    In place number 49 with 750 pointsDaenam Kim (See Github Profile)(opens in a new tab)
    750 pointi
  • 50
    In place number 50 with 500 pointsMyeongjae Lee
    500 pointi
  • 51
    In place number 51 with 500 pointsMarcin Noga (Cisco/Talos Security)
    500 pointi
  • 52
    In place number 52 with 500 pointsjazzybedi
    500 pointi
  • 53
    In place number 53 with 500 pointsFeeker - 360 ESG Codesafe Team (See Github Profile)(opens in a new tab)
    500 pointi
  • 54
    In place number 54 with 500 pointsJonathan Brown (See Github Profile)(opens in a new tab)
    500 pointi
  • 55
    In place number 55 with 500 pointsDavid Murdoch (See Github Profile)(opens in a new tab)
    500 pointi
  • 56
    In place number 56 with 500 pointsAlexander Wade (See Github Profile)(opens in a new tab)
    500 pointi
  • 57
    In place number 57 with 200 pointsLuis Schliesske (See Github Profile)(opens in a new tab)
    200 pointi

Ubao wa wanaoongoza wa uwindaji wa mende

Tafuta hitilafu za safu ya makubaliano ili uongezwe kwenye ubao huu wa wanaoongoza

  • 1
    In place number 1 with 42400 pointsprotolambda (See Github Profile)(opens in a new tab)
    42400 pointi
  • 2
    In place number 2 with 19650 pointsQuan Thoi Minh Nguyen (See Github Profile)(opens in a new tab)
    19650 pointi
  • 3
    In place number 3 with 18700 pointsJonny Rhea (See Github Profile)(opens in a new tab)
    18700 pointi
  • 4
    In place number 4 with 17850 pointsGuido Vranken (See Github Profile)(opens in a new tab)
    17850 pointi
  • 5
    In place number 5 with 10000 pointsscio
    10000 pointi
  • 6
    In place number 6 with 9000 pointsGrandine team (See Github Profile)(opens in a new tab)
    9000 pointi
  • 7
    In place number 7 with 6000 pointsOnur Kılıç (See Github Profile)(opens in a new tab)
    6000 pointi
  • 8
    In place number 8 with 5000 pointsAntoine Toulme (See Github Profile)(opens in a new tab)
    5000 pointi
  • 9
    In place number 9 with 5000 pointsVulnerabilityX (See Github Profile)(opens in a new tab)
    5000 pointi
  • 10
    In place number 10 with 4000 pointsAntonio Sanso (See Github Profile)(opens in a new tab)
    4000 pointi
  • 11
    In place number 11 with 2850 pointsItsUnixIKnowThis (See Github Profile)(opens in a new tab)
    2850 pointi
  • 12
    In place number 12 with 2500 pointsAlexander Sadovskyi (See Github Profile)(opens in a new tab)
    2500 pointi
  • 13
    In place number 13 with 2500 pointstintin (See Github Profile)(opens in a new tab)
    2500 pointi
  • 14
    In place number 14 with 2500 pointsMartin Holst Swende (See Github Profile)(opens in a new tab)
    2500 pointi
  • 15
    In place number 15 with 1750 pointsAkincibor
    1750 pointi
  • 16
    In place number 16 with 200 pointsJim McDonald (See Github Profile)(opens in a new tab)
    200 pointi

Maswali yanayoulizwa mara kwa mara

Maswali?

Tuma barua pepe: bounty@ethereum.org(opens in a new tab)

Je! ukurasa huu umekusaidia?