<h1 class="heading-node">Overview</h1>AIxBlock combines decentralized compute, open‑source models, data engines and human validators into a low‑code environment for end‑to‑end AI and workflow automation.&nbsp;Our goal is to identify and remediate vulnerabilities quickly and transparently while crediting and rewarding the researchers who make that possible.<ul class="list-node"><li>All vulnerability discussion and fixes are public (issues &amp; PRs).</li><li>Rewards scale with impact and fix quality – submit the bug and a working patch to maximize your payout.</li><li>We follow the [CVSS&nbsp;v3.1] qualitative scale for severity (see footnote&nbsp;1).</li></ul><hr><h2 class="heading-node">Scope</h2><img src="https://res.cloudinary.com/dgvnuwspr/image/upload/v1749645798/ehesgslijjpdts6mpofw.png" alt="" title="" id="as6hetsby" width="585" height="244" filename="Screenshot 2025-06-10 175205.png" filetype="image/png"><h3 class="heading-node">Out of Scope</h3><ul class="list-node"><li>Third‑party services we don’t control (e.g. Solana L1, Hugging Face, Roboflow).</li><li>DoS / DDoS or spam/flood tests.</li><li>UI bugs with no security impact.</li><li>Proprietary/private models or data not present in the public repo.</li></ul><hr><h2 class="heading-node">Rules of Engagement</h2><ul class="list-node"><li>Be lawful &amp; respectful – no social engineering, physical attacks, or privacy violations.</li><li>Only test with accounts you own or explicit permission.</li><li>No public disclosure until the fix is merged (see timeline below).</li><li>Chain or duplicate vulnerabilities = one bounty.</li><li>First valid report wins if duplicates occur.</li></ul><h2 class="heading-node">Eligibility</h2>Anyone can participate except:<ul class="list-node"><li>Current AIxBlock employees or contractors.</li></ul><hr><h2 class="heading-node">Reporting Process</h2>Submit vulnerabilities as issues on the public repository at <a class="link" href="https://github.com/AIxBlock-2023/aixblock-ai-dev-platform-public">https://github.com/AIxBlock-2023/aixblock-ai-dev-platform-public</a>. Follow these essential steps:<ol class="list-node"><li>Star the Repository (mandatory): Stay updated and show your engagement.</li><li>Fork the Repository (mandatory): Fork to contribute, keep track of your changes and use as a proof to claim tokens later as well as to receive long term revenue sharing in the future.</li><li>Submit Report:<ul class="list-node"><li>Create an issue using the "Bug Report" template (if available), and include:<ul class="list-node"><li>🔍 Vulnerability description</li><li>🧠 Impact assessment (should be concise)</li><li>📸 Screenshots or video evidence</li></ul></li></ul></li><li>Discussion (optional, but encouraged):<ul class="list-node"><li>Create a dedicated branch (e.g., <code class="inline" spellcheck="false">bugfix/issue-123</code>) to collaborate on your proposed fix.</li><li>Engage with the AIxBlock team and the community via comments on the issue or pull request.</li></ul></li><li>Fix bug/propose solutions and pull PR request :<ul class="list-node"><li>Submit a pull request (PR) to the discussion branch.</li><li>Reference the original issue in your PR.</li><li>Include description of the fix in your PR description.</li></ul></li><li>AIxBlock Responds:<ul class="list-node"><li>The AIxBlock Security Team will acknowledge your submission within 48 hours.</li></ul></li><li>AIxBlock Validates:<ul class="list-node"><li>Vulnerabilities are validated within 7 business days.</li><li>Severity and reward are confirmed after validation.</li></ul></li><li>Disclosure:<ul class="list-node"><li>Once the fix is live and merged, public disclosure is permitted with AIxBlock’s approval.</li></ul></li></ol><hr><h2 class="heading-node">Severity and Rewards</h2><img src="https://res.cloudinary.com/dgvnuwspr/image/upload/v1749645813/zyrm1bfzez208dvsysw9.png" alt="" title="" id="4m1wqxfkr" width="585" height="179" filename="Screenshot 2025-06-10 232734.png" filetype="image/png">*Token: payouts redeemable on or one day after TGE.Bonus: Additional for reports with detailed PoCs or vulnerabilities found in new features (e.g., automation workflows, MCP integration, decentralized compute).No Reward: Duplicate reports, out-of-scope issues, or vulnerabilities with no security impact.Payments: Cash Rewards can be paid via either bank transfer in fiat currency or in stablecoins (USDC) as cryptocurrency payment, distributed at the end of the bounty campaign once the total cash rewards pool reaches 10,000 USD, will be announced publicly on all of our channels. Token rewards shall be distributed on our TGE date or 1 day after our TGE date. Please follow us to make sure you don't miss it.<h2 class="heading-node">Total pool: $10 000 cash + $30 000  worth of AXB tokens.</h2><hr><h2 class="heading-node">Response Targets</h2><img src="https://res.cloudinary.com/dgvnuwspr/image/upload/v1753164719/dgvvplqul9dmjrpco2ks.png"><hr><h2 class="heading-node">Future Benefits</h2>Additional opportunities to claim tokens on our TGE date and receive long-term revenue sharing.<hr><h2 class="heading-node">Contact</h2><ul class="list-node"><li>Discord: <a class="link" href="https://discord.gg/nePjg9g5v6" rel="nofollow">Join Us</a></li><li>Twitter: <a class="link" href="https://x.com/AixBlock" rel="nofollow">Follow Us</a></li><li>Telegram: <a class="link" href="https://t.me/AIxBlock" rel="nofollow">Join the Discussion</a></li><li>LinkedIn: <a class="link" href="https://www.linkedin.com/company/aixblock/" rel="nofollow">Follow Us</a></li><li>YouTube: <a class="link" href="https://www.youtube.com/@AIXBlock" rel="nofollow">Watch Our Channel</a></li><li>Website: <a class="link" href="https://aixblock.io/" rel="nofollow">https://aixblock.io</a></li><li>Platform: <a class="link" href="https://app.aixblock.io/" rel="nofollow">https://app.aixblock.io</a></li><li>Huggingface: <a class="link" href="https://huggingface.co/AIxBlock" rel="nofollow">https://huggingface.co/AIxBlock</a>.</li></ul><hr><h3 class="heading-node">Footnotes</h3><ol class="list-node"><li>CVSS&nbsp;v3.1 Severity Rating Scale – FIRST.org.</li></ol>

AIxBlock Bug Bounty Program

AIxBlock Bug Bounty Program

10kUSDC Total Prizes
10k USDC 1st