Meet Near Foundation
Near Foundation is a non-profit foundation that is responsible for contracting protocol maintainers, funding ecosystem development, and shepherding core governance of the Near Protocol.
Check Out The Rewards
If you find a vulnerability according to the bounty rules, Near Foundation will reward you:
- Critical: $2,500 – $10,000
- High: $1,000 – $2,500
- Medium: $250 – $1,000
- Low: $100 – $250
Join The Bounty Hunt
There is Web3 to scope!
Make sure your reports contain info about these incidents:
Cross-component
- Sandboxed components can affect the rendering of parents or siblings by modifying their styles or altering behavior
- Does not apply to reasonable expectations of scoped CSS, or clickjacking by positioning elements over parent
- Does not apply to affecting Children prop passed by parent
- Does not apply to parents affecting rendering of any downtree components
- Component can impersonate render requests for other containers
Outer Window Application
- Component can interact with global variables, browser APIs, or browser storage of root window
- Component can execute arbitrary JS in the root window frame
- Component can bypass DOM sanitization performed by engine
Once you’re ready, click here to join the bounty hunt!