Those of you who follow our project might have noticed that for the past few months, our main focus has been developing the AdEx DApp — adding new functionalities, fixing bugs, testing existing features and so on.

The DApp is shaping up quite nicely — we won’t lie that we’re very proud with our progress. However, we realize that there may be bugs — and sometimes it’s our early adopters who catch those bugs before we are able to spot and fix them ourselves.

With this in mind, we decided to introduce a cool new initiative that will help us developing AdEx: a bug bounty. It will be focused on finding security vulnerabilities in our DApp. We will be handing out rewards depending on the severity of the reported issue, as follows:

Note: Up to $100

Low: Up to $500

High: Up to $2,000

Critical: Depending on the severity of the issue.

All bug bounties will be paid out in ADX tokens.

To determine this severity, we will be employing the OWASP risk rating methodology. It assesses the potential impact a bug could have in relation to the likelihood of that bug being uncovered and exploited. Below is a visual representation of how it works:

The AdEx Bug Bounty will be an ongoing initiative, however it will only be available for a certain period of time after the release of every major version of our DApp. We will be announcing the open and close of each bounty window on our social media channels.