We need and want your help to improve Numerai so we will aim to be generous and fair with our bounties where possible. If you feel like you deserve more/less bounty for your contribution just let us know!
The examples listed below are not exhaustive and the bounty amounts listed above are only rough guidelines. The exact amounts depends on the actual bug, feedback or suggestion. Actual bounty payout amounts, if any, will be determined by Numerai at its sole discretion.
If you see anything that is broken, report it! If it turns out to be a real issue and your report helped us fix it then we will give you a bounty!
Small website display issues, broken email, broken links
Minor exploits or vulnerabilities that do not risk user funds
Medium data errors, incorrect payouts, cannot submit/stake
Major exploits, security issues, smart contract vulnerabilities
Reports that affect only outdated user agents or app versions -- we only consider exploits in the latest browser versions for Safari, FireFox, Chrome, Edge, IE and the versions of our application that are currently in the app stores
Issues that require physical access to a victim’s computer/device
Banner grabbing issues (figuring out what web server we use, etc.)
While researching, we'd like to ask you to refrain from:
Denial of service
Rate limiting attacks (unless it constitutes a significant risk)
How to submit a vulnerability report
Send email to [email protected]explaining the vulnerability, it's impact, and proof-of-concept to support claims.
Feedback & Suggestions
If you have any good ideas about how to improve the Numerai propose it to us! If it is a good idea and we end up using it then we will give you a bounty!