Bounty suggestion: Inflation bugs

From the discussion above, I’m proposing the following:

Inflation bug bounty depending on the inflation type.

Unrecoverable inflation bug

  • The bug allows for arbitrary inflation
  • Neither MW/Grin nor Grin++ would catch it, no matter how long after the exploit. I.e. the inflation is undetectable.
  • Knowing the bug, it’s impossible to verify that it hasn’t been exploited yet. This leaves us with no choice but to relaunch Grin.

Bounty prize: $300k

Recoverable inflation bug

  • The bug allows for arbitrary inflation
  • Neither MW/Grin nor Grin++ would catch it, no matter how long after the exploit. I.e. the inflation is undetectable.
  • Knowing the bug, it’s possible to verify that it hasn’t been exploited yet.

Bounty prize: $500k

Implementation-specific inflation bug

  • The exploit is possible on exactly one of the node implementations (Rust or Grin++) and would get caught by the other implementation.

Bounty prize - delayed detection on vulnerable node: $70k - a case similar to the Bulletproof cache flaw in Rust Grin where the Rust node would detect the inflation after 1 week.
Bounty prize - no detection on vulnerable node: $100k

In order to claim the bounty, one needs to follow the Responsible Disclosure Standard, and the exploit MUST NOT be tested on the mainnet or floonet (we want to keep these two intact).

Steps:

  1. Find an inflation bug in a Grin node (either Grin++ or the Rust node)
  2. Go through the Responsible Disclosure Standard and describe the steps needed to pull off the inflation bug
  3. Categorize the inflation bug, wait for the classification approval from the Security team and claim the reward once this has been fixed. The claim only happens after the patch to avoid speculation around how to exploit the chain based on the movements of the Grin fund.

If two people find the bug independently, the person finding it first claims the reward.

My suggestion is that we start off with the rewards defined above and increase these values by 10-20% per year, assuming we have the funds available; if we don’t, we simply either keep the bounty intact or remove it.

Let me know if you have any ideas on how to describe this better.
