ZetaChain has a comprehensive bug bounty program aimed at maintaining the security of its web applications, smart contracts, and the blockchain. As an EVM-compatible Layer 1 blockchain that connects various networks, including Bitcoin, ZetaChain is committed to building a robust and secure ecosystem for interoperable apps.

The bug bounty program invites security researchers to identify and report vulnerabilities across ZetaChain’s web applications, smart contracts, and blockchain components. The program covers a wide range of potential security risks, including business logic issues, unauthorized transactions, reentrancy, cryptographic flaws, and more. Rewards are determined based on the severity and impact of the vulnerability, with a particular focus on critical issues that may affect user funds, consensus, or network functionality.

To participate in the program, all security findings should be reported through ZetaChain’s official bug bounty platform on HackenProof.

https://hackenproof.com/company/zetachain/programs (opens in a new tab)

Researchers are required to follow responsible disclosure guidelines, ensuring that vulnerabilities are reported confidentially, without public disclosure, and only after the vulnerability has been resolved.

The scope of the bug bounty includes web applications such as the ZetaChain explorer, smart contract repositories, and blockchain components. Only vulnerabilities found within the specified scope will be eligible for rewards. Researchers are encouraged to thoroughly test within the allowed boundaries while adhering to the program’s rules on ethical hacking practices.