**Proponent**: Fy6erZmPp78ZY2cN945FU9KnKdATmxvG2eB9a1kh2VX33xz

**Date**: 01.03.2024

**Requested KSM**: $250,000 (5102 KSM - based on EMA7 March 1st 2024)

**Short description**:

Bridges enable transferring data, assets, and more between multiple chains. Due to their pivotal role and high transaction volumes, they have simultaneously become a hotspot for malicious activities. When exploited, these breaches can lead to significant impact including financial losses.

This proposal aims to ensure the utmost security of the bridges and promote community involvement by implementing a Security Bug Bounty Program. While all developers involved work hard to ensure the software and protocols built are bug-free, secure by design, and third-party code audits have been already performed, it is recognised security best practices to complement this. That’s why Polkadot and Kusama need community and bug bounty hunters to help to identify security vulnerabilities that could cause impact from all the severity levels before it is widely used and adopted.

To support this, the Bug Bounty participants are provided with many context details in the full proposal [attached](https://docs.google.com/document/d/1rzvoJxMVIG1MJfHCkHDLmXYBTlkJZvUgwsP4IV4oHKw/edit), including a threat model of the scope.

As a security vulnerability in the bridge can impact both the source and destination blockchains, a mirror bounty is raised on Kusama and Polkadot

Thanks for your time and support to make Polkadot more secure !

**Proposal Summary**

- **Proponent**: Fy6erZmPp78ZY2cN945FU9KnKdATmxvG2eB9a1kh2VX33xz
- **Date**: 01.03.2024
- **Requested KSM**: $250,000 (5102 KSM)
- **Objective**: Enhance security of bridges between chains by implementing a Security Bug Bounty Program.
- **Rationale**: Bridges are crucial but vulnerable to attacks, leading to financial losses.
- **Community Involvement**: Encourage community and bug bounty hunters to identify vulnerabilities.
- **Details**: Full proposal includes threat model and context details.
- **Impact**: Vulnerabilities in bridges can affect both source and destination blockchains.

POLKADOT <> KUSAMA BRIDGE SECURITY BOUNTY

acceptCurator

BountyExtended

candidates

members

proficients

fellows

senior_fellows

experts

senior_experts

masters

senior_masters

grand_masters

root

whitelisted_caller

wish_for_change

staking_admin

treasurer

lease_admin

fellowship_admin

general_admin

auction_admin

referendum_canceller

referendum_killer

small_tipper

big_tipper

small_spender

medium_spender

big_spender

Origin for signaling that the network wishes for some change

Able to spend up to 333,333.3333 KSM from the treasury at once

Managing the composition of the fellowship

Able to spend up to 8.3333 KSM from the treasury at once

Able to spend up to 33.3333 KSM from the treasury at once

Able to spend up to 333.3333 KSM from the treasury at once

Able to spend up to 3,333.3333 KSM from the treasury at once

Able to spend up to 33,333.3333 KSM from the treasury at once