Superteam Earn
AIxBlock

1

Abhishek

AIxBlock Bug Bounty Program

by AIxBlock

|
|
token icon
10kUSDC

Total Prizes

10k

USDC

1st

suit case

...

SUBMISSIONS

suit case

153d:13h:27m

REMAINING

Overview

AIxBlock combines decentralized compute, open‑source models, data engines and human validators into a low‑code environment for end‑to‑end AI and workflow automation. Our goal is to identify and remediate vulnerabilities quickly and transparently while crediting and rewarding the researchers who make that possible.

  • All vulnerability discussion and fixes are public (issues & PRs).

  • Rewards scale with impact and fix quality – submit the bug and a working patch to maximize your payout.

  • We follow the [CVSS v3.1] qualitative scale for severity (see footnote 1).


Scope

Out of Scope

  • Third‑party services we don’t control (e.g. Solana L1, Hugging Face, Roboflow).

  • DoS / DDoS or spam/flood tests.

  • UI bugs with no security impact.

  • Proprietary/private models or data not present in the public repo.


Rules of Engagement

  • Be lawful & respectful – no social engineering, physical attacks, or privacy violations.

  • Only test with accounts you own or explicit permission.

  • No public disclosure until the fix is merged (see timeline below).

  • Chain or duplicate vulnerabilities = one bounty.

  • First valid report wins if duplicates occur.

Eligibility

Anyone can participate except:

  • Current AIxBlock employees or contractors.


Reporting Process

Submit vulnerabilities as issues on the public repository at https://github.com/AIxBlock-2023/aixblock-ai-dev-platform-public. Follow these essential steps:

  1. Star the Repository (mandatory): Stay updated and show your engagement.

  2. Fork the Repository (mandatory): Fork to contribute, keep track of your changes and use as a proof to claim tokens later as well as to receive long term revenue sharing in the future.

  3. Submit Report:

    • Create an issue using the "Bug Report" template (if available), and include:

      • 🔍 Vulnerability description

      • 🧠 Impact assessment (should be concise)

      • 📸 Screenshots or video evidence

  4. Discussion (optional, but encouraged):

    • Create a dedicated branch (e.g., bugfix/issue-123) to collaborate on your proposed fix.

    • Engage with the AIxBlock team and the community via comments on the issue or pull request.

  5. Fix bug/propose solutions and pull PR request :

    • Submit a pull request (PR) to the discussion branch.

    • Reference the original issue in your PR.

    • Include description of the fix in your PR description.

  6. AIxBlock Responds:

    • The AIxBlock Security Team will acknowledge your submission within 48 hours.

  7. AIxBlock Validates:

    • Vulnerabilities are validated within 7 business days.

    • Severity and reward are confirmed after validation.

  8. Disclosure:

    • Once the fix is live and merged, public disclosure is permitted with AIxBlock’s approval.


Severity and Rewards

*Token: payouts redeemable on or one day after TGE.

Bonus: Additional for reports with detailed PoCs or vulnerabilities found in new features (e.g., automation workflows, MCP integration, decentralized compute).

No Reward: Duplicate reports, out-of-scope issues, or vulnerabilities with no security impact.

Payments: Cash Rewards can be paid via either bank transfer in fiat currency or in stablecoins (USDC) as cryptocurrency payment, distributed at the end of the bounty campaign once the total cash rewards pool reaches 10,000 USD, will be announced publicly on all of our channels. Token rewards shall be distributed on our TGE date or 1 day after our TGE date. Please follow us to make sure you don't miss it.

Total pool: $10 000 cash + $30 000  worth of AXB tokens.


Response Targets



Future Benefits

Additional opportunities to claim tokens on our TGE date and receive long-term revenue sharing.


Contact


Footnotes

  1. CVSS v3.1 Severity Rating Scale – FIRST.org.

SKILLS NEEDED

Frontend

Backend

Blockchain

CONTACT

Reach outif you have any questions about this initialBounty

WINNER ANNOUNCEMENT BY

January 14, 2026 - as scheduled by the sponsor.