Ethereum Bug Bounty Submission
Visit https://bounty.ethereum.org/ to see what is in scope and what is not in scope

Websites and other things not listed on https://bounty.ethereum.org/ are not in scope and will be ignored.
Due to a large amount of incoming reports, response time may be up to 7 days.

A fully functional Proof of Concept against a mainnet setup of Ethereum is required

NOTE: It is strongly advised to have a proof of concept that works with Kurtosis.

The following resources should help you get started:
- Kurtosis testnet guide: https://docs.kurtosis.com/how-to-compose-your-own-testnet/

Important: Due to a large increase in reports, response time may be up to 7 days.
Sign in to Google to save your progress. Learn more
Email *
Leaderboard Name *
Name to display on the leaderboard. You may use a pseudonym.
Full Name
 *
Required to process payment
Github Username *
Github account to link to on the leaderboard
Wallet Address *
Address to receive reward
Do you prefer ETH or DAI for the reward?
Clear selection
Short description *
1 sentence description of the bug
Attack scenario *
In what scenario would this be an issue?
Impact *
 Describe the effect this may have in a production setting
Components *
Point to the files, functions, and/or specific line numbers where the bug occurs
Proof of Concept *
A clear proof of concept is required. Without a clear reproducible attack, the issue will be ignored.

NOTE: Using Kurtosis is the preferred way as it makes it CLEAR and EASILY reproducible.
Suggested Fix
Description of suggested fix, if available
Additional Information
Any details not covered above
A copy of your responses will be emailed to the address you provided.
Submit
Clear form
Never submit passwords through Google Forms.
reCAPTCHA
PrivacyTerms
This form was created inside of Ethereum Foundation.

Does this form look suspicious? Report

Google Forms