**Proponent:** 14Pn8sUxdEMgFRDgZ5J2VfcUVMLaMQhst9XuvCj9

**Date:** 26.01.2024

**Requested DOT:** $250,000 (39,100 DOT - rate 1 DOT=$6.39)

**Short description:**

Bridges enable transferring data, assets, and more between multiple chains. Due to their pivotal role and high transaction volumes, they have simultaneously become a hotspot for malicious activities. When exploited, these breaches can lead to significant impact including financial losses. 

This proposal aims to ensure the utmost security of the bridges and promote community involvement by implementing a Security Bug Bounty Program. While all developers involved work hard to ensure the software and protocols built are bug-free, secure by design, and third-party code audits have been already performed, it is recognised security best practices to complement this. That’s why Polkadot and Kusama need community and bug bounty hunters to help to identify security vulnerabilities that could cause impact from all the severity levels before it is widely used and adopted.

To support this, the Bug Bounty participants are provided with many context details in the full proposal [attached](https://docs.google.com/document/d/1j-Nb7FYgSJpChgbvkbkHCM_dsjENhrh4Vqc4rNsmNGY/edit), including a threat model of the scope.

As a security vulnerability in the bridge can impact both the source and destination blockchains, a mirror bounty is raised on Kusama and Polkadot

Thanks for your time and support to make Polkadot more secure !

**Problem Statement:**

- Bridges between multiple chains are vulnerable to security breaches, leading to potential financial losses.

**Significance:**

- Implementing a Security Bug Bounty Program will ensure the utmost security of the bridges and promote community involvement in identifying security vulnerabilities.

**Proposed Solution:**

- Implement a Bug Bounty Program for Polkadot and Kusama bridges to incentivize community participation in identifying security vulnerabilities.

**Expected Outcomes:**

- Increased security of bridges through community involvement in identifying and addressing security vulnerabilities.

#2099 Polkadot Kusama Bridges Security Bug Bounty

No Active Proposals