Bug Bounties

Cosmos

Powered by: 

Allows bounty splitting: 

Average time to first program response: 

Average time to bounty awarded null: 

Average time to report resolved: 

Handle cosmos

Managed program: false

Name: Cosmos

Offers bounties: true

Offers swag: false

Response efficiency percentage: 47

Submission state: open

Url: https://hackerone.com/cosmos

Website: https://cosmos.network

In scope:

  • Asset identifier: https://github.com/cosmos/cosmos-sdk
  • Asset type: SOURCE_CODE
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: https://github.com/cosmos/gaia
  • Asset type: SOURCE_CODE
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: https://github.com/cosmos/iavl
  • Asset type: SOURCE_CODE
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: https://github.com/cosmos/ibc-go
  • Asset type: SOURCE_CODE
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: https://github.com/cosmos/ledger-cosmos
  • Asset type: SOURCE_CODE
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: https://github.com/iqlusioninc/crates/tree/main/signatory
  • Asset type: SOURCE_CODE
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: Restricted to the ed25519 provider sub-crates like dalek-ed25519 and ring.
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: https://github.com/iqlusioninc/tmkms
  • Asset type: SOURCE_CODE
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: https://github.com/iqlusioninc/yubihsm.rs
  • Asset type: SOURCE_CODE
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: Restricted to the ed25519 pubkey and signing paths.
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: https://github.com/tendermint/tendermint
  • Asset type: SOURCE_CODE
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: high
  • Max severity: critical