Service Node checkpointing is now being enforced on testnet v5.0.0. We really want to make sure everything is running smoothly, so are inviting you to do your best to break checkpointing on the testnet!
As a reward for the hard-working testers out there who manage to find bugs in v5.0.0, we have put a bounty system together: https://github.com/loki-project/loki/releases
The total reward pool is 4000 $LOKI.
Bounty Guidelines:
- Attacks should be performed on the Loki testnet, where the most recent checkpointing code has been activated.
- The goal of an attack should be to invalidate Service Node checkpointing. Functionally, this means you should be able to get an unmodified lokid node to sync or switch to any alternate chain that competes with a mainchain with more than 2 consecutive checkpoints.
Some attacks you might try to execute are:
- Targeted attacks that prevent Service Nodes communicating during consensus.
- 51% attacks on the mining network.
- Joining a dishonest minority of Service Nodes – please remove these nodes from the network once you finish testing as others may be trying to use similar methods.
- Constructing special transactions/blocks.
The following attacks are out of the scope of this bounty program and will not be rewarded:
- Gaining more than 51% of the Service Nodes on the Service Node network (this would be prohibitively difficult on the mainnet). Note: The 20 Service Nodes operated by the Loki team on the Loki testnet represent the “Honest Majority”.
- Blanket DDOS attacks are not considered in scope as they would be prohibitively difficult on the mainnet given the size of the Service Node network.
Bug Severity will be decided arbitrarily by the Loki team. High severity bugs will earn 50% of the total prize pool at the time your claim is approved. Medium severity bugs will earn 20%, and low severity bugs will earn 5%.
Happy Testing!