Polygon looks forward to working with the community to find security vulnerabilities in order to keep our Projects, Developers and Users safe.
The bounty program is to ensure everyone has an opportunity to find bugs in our system, which will in turn help us ensure the security of Polygon. Payouts will go up to $5,000 for critical issues.
If you are new to blockchains and/or to Polygon, take a look at the Polygon overview - https://docs.polygon.technology/docs/home/architecture/matic-architecture
Explore the code on GitHub there are 3 main repositories for you to study Heimdall - https://github.com/maticnetwork/heimdall Bor - https://github.com/maticnetwork/bor Contracts - https://github.com/maticnetwork/contracts
- Set up a test network locally with these instructions: Getting Started - Running a node on the local environment: https://github.com/maticnetwork/matic-cli
The Polygon CLI repo is an easy way to setup and manage the entire Polygon stack, including Heimdall, Bor and the Staking & Plasma smart contracts on a local environment. This would help in simulating tests and attacks locally.
If you want to run a full node on the Polygon Mainnet or Mumbai Testnet you can follow the links below
Getting Tokens for Testing
To get tokens you can access our faucet: https://faucet.matic.network/ and choose the Goerli network to get some tokens. Or you can drop an email with your ETH address to delroy(@)matic.network
Check out the forum and join the discussion on Discord.
For more information about the program visit https://hackerone.com/matic-network. Please note that the HackerOne page for Polygon is currently only an invite-only page. The HackerOne page will be open to the public on June 1st, 2020.