25 Sep 2024 [bounties] [wallets]

Feather Wallet launches bug bounty program

tobtoht1 has opened Feather Wallet2’s initial bug bounty program3 earlier today:

A bounty may be rewarded to a vulnerability report if and only if the issue can result in a loss of funds.

Scope overview

The issue must be present in a signed release build
The developers must be able to reproduce and fix the issue
The live websites and their repositories are out of scope
Loss of funds due to malware on the user's machine is out of scope
Memory imaging, including cold boot attacks, is out of scope [..]

Bounties range from USD 150 to USD 3000 and can only be awarded in XMR.

To learn more and get involved with the project consult its docs4 and join #feather on Matrix/IRC5.

This is an ongoing story and the report will be updated when new information is available.

  1. https://github.com/tobtoht/ 

  2. https://featherwallet.org/ 

  3. https://github.com/feather-wallet/feather/blob/master/SECURITY.md#bug-bounty-program 

  4. https://docs.featherwallet.org/ 

  5. #feather:monero.social (Matrix), #feather (OFTC)