Overview
Bug bounties are now live again on Kaia, via HackenProof, with separate programs for protocol and web targets.
If you’re a security researcher or whitehat, this is the primary way to report vulnerabilities and be rewarded for helping secure the ecosystem.
Bounty programs & payouts
**Protocol program (**https://hackenproof.com/programs/kaia-protocol)
-
Payouts range from $200 up to $50,000, depending on severity
-
Focused on specific Kaia protocol components defined on the bounty page
**Web program (**https://hackenproof.com/programs/kaia-web)
-
Payouts range from $200 up to $10,000
-
Focused on web-facing targets that are explicitly in scope
The exact severity tiers and examples are listed on the HackenProof program page.
Scope & rules
Before testing anything, please:
-
Read the full program description and scope on HackenProof
-
Confirm that the target you are testing is explicitly in scope
-
Follow the responsible disclosure process outlined there
Getting started
-
If you’re already familiar with Kaia, the bounty page will show you which parts of the stack are in scope.
-
If you’re new to Kaia, you can learn more about the protocol and architecture here:
- Kaia docs: https://docs.kaia.io/learn/
Thank you to everyone who contributes to securing Kaia. Responsible disclosure is a huge part of keeping the ecosystem safe for builders and users.