This year marked a significant milestone for Tangem as we launched a private Bug Bounty program. The initiative has yielded valuable results, helping us bolster wallet security and maintain a spotless record.
Looking ahead to 2025, we’re planning a public bug bounty program. It will debut alongside the rollout of Tangem’s new infrastructure and advanced features. This is an open invitation to security experts and developers to help make Tangem even more secure.
What is a bug bounty program?
A bug bounty program rewards people who identify and responsibly disclose security vulnerabilities. These programs incentivize ethical hacking and foster a collaborative approach to improving security across systems.
Why are bug bounties important?
As blockchain and cryptocurrency adoption grow, the stakes become higher due to:
The immutable nature of blockchain means that once a smart contract is deployed, vulnerabilities cannot be easily fixed without disrupting operations.
Complex integrations across networks increased the likelihood of vulnerabilities, especially with blockchain bridges.
People store substantial amounts in crypto wallets, particularly cold wallets. Implementing a bug bounty program can enhance a wallet's overall security, as developers may inadvertently overlook vulnerabilities in newly deployed code.
Web3 bug bounty programs have since become a cornerstone of blockchain security, fostering collaboration between users, developers, and ethical hackers to improve trust in the industry.
What does Tangem's bug bounty program involve?
Tangem’s Bug Bounty program aligns with industry best practices, emphasizing transparency, collaboration, and impactful rewards. Here’s what to expect:
Public launch The program is open to everyone and invites the global community of security researchers to participate.
Reward structure Experts will earn rewards based on the severity and impact of the reported vulnerabilities.
Focus areas The program will target Tangem's mobile app code vulnerabilities, API integrations, and other systems.
Easy reporting Experts will use a dedicated reporting system to make submissions straightforward and ensure confidentiality. Meanwhile, immediate reports can already be sent to bugbounty@tangem.com
At Tangem, we believe in the power of transparency. Our mobile app's code is open source, meaning developers and researchers worldwide can contribute to making the crypto ecosystem safer and more inclusive. Let's work together to create a crypto world that is secure, innovative, and accessible to everyone.
Ask AI whether Tangem is a good fit for your needs
Research Tangem wallet with AI to learn whether our security and usability fits your unique use cases
