Algorand

The Blockchain Powering The Borderless Economy

  • Points per vulnerability
  • Safe harbor
  • Managed by Bugcrowd
Submit report

Program stats

20 vulnerabilities rewarded

Validation within 4 days
75% of submissions are accepted or rejected within 4 days

Latest hall of famers

View all 29

Recently joined this program

68 total

Algorand provides a foundation for existing businesses and new projects to operate globally in the emerging decentralized economy. Algorand’s first-of-its-kind, permissionless, pure proof-of-stake protocol supports the scale, open participation, and transaction finality required to build systems for billions of users.

Algorand invites you to test and help secure our innovative decentralized protocol. We appreciate your efforts and hard work in making the internet (and Algorand) more secure and look forward to working with the researcher community to create a meaningful and successful bug bounty program. Good luck and happy hunting!

Ratings/Rewards:

For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal and make a case for a higher priority

Thank you for helping us build a safer internet. If you have any questions regarding this program, please contact support@bugcrowd.com.

This program only awards points for VRT based submissions.

Targets

In scope

Target name Type
Any Algorand publicly facing property Other

Safe Harbor:

When conducting vulnerability research according to this policy, we consider this research to be:

  • Authorized in accordance with the Computer Fraud and Abuse Act (CFAA) (and/or similar state laws), and we will not initiate or support legal action against you for accidental, good faith violations of this policy;
  • Exempt from the Digital Millennium Copyright Act (DMCA), and we will not bring a claim against you for circumvention of technology controls;
  • Exempt from restrictions in our Terms & Conditions that would interfere with conducting security research, and we waive those restrictions on a limited basis for work done under this policy; and
  • Lawful, helpful to the overall security of the Internet, and conducted in good faith.
  • You are expected, as always, to comply with all applicable laws.

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please inquire via support@bugcrowd.com before going any further.

Program rules

This program follows Bugcrowd’s standard disclosure terms.

Learn more about Bugcrowd’s VRT.