Today, Yuga made its reward scheme accessible to the general public via HackerOne. “We care deeply about the security of our community, which is why we’ve been running this program on an invite only basis with a network of 800+ responsible hackers helping us identify and resolve security vulnerabilities since July,” stated Yuga Labs.
Now, they want to make the program available to everyone, allowing you to earn up to $50,000 for valid reports of vulnerabilities affecting their services, websites, social accounts, and Discord servers. Helping Yuga Labs identify anything that could disturb its community, such as taking over, manipulating content, or injecting arbitrary code into its websites, will result in a monetary reward.
The payout criteria is as follows:
Low severity issues: $250-$1,000
Medium severity issues: $1,000-$5,000
High severity issues: $5,000-$25,000
Critical severity issues: $25,000-$50,000
They’re launching a bonus campaign through December 26 to celebrate the program’s public launch:
Low severity issues: $670-$1,420
Medium severity issues: $2,000-$6,000
High severity issues: $7,500-$27,500
Critical severity issues: $30,000-$55,000