Livepeer Studio
Tuesday, June 21, 2022
Product

Livepeer Studio (Non Smart Contract) Security Disclosure Program

By
Livepeer Studio Team
Livepeer Studio Team
2 min read
Bug bounty program (non-smart contract) for Livepeer Studio

Program Overview

Livepeer is a decentralized video streaming network built on the Ethereum blockchain. Livepeer Studio allows anyone to access the Livepeer network through a reliable, scalable, and easy-to-use video streaming service.

This program covers all non smart contract scopes. For the smart contract bounty program, please refer to https://immunefi.com/bounty/livepeer/.

For more information about Livepeer Studio, please visit livepeer.studio.

Threat Level

Not Included: issues discoverable by running popular automated scanning software like SPF/DMARC email record.

Low: issues that affect the user experience in a moderate way, but not affecting the underlying video streaming infrastructure.

Medium: unique issues that affect the video streaming experience in a moderate way, but not resulting in any economic impact.

High: unique issues that significantly impacts the video streaming infrastructure, or results in a loss of user funds.

Rewards by Thread Level

Not Included: $0 (But thank you for reporting!)

Low: up to $100

Medium: $100 to $250

High: $250 to $500

Important Legal Information

The bug bounty program is an experimental and discretionary rewards program for the active Livepeer community to encourage and reward those who are helping to improve the Livepeer Studio product. We reserve the right to cancel the program at any time, and awards are at the sole discretion of Livepeer Studio. In addition, we are not able to issue awards to individuals who are on sanctions lists or who are in countries on sanctions lists. You are responsible for all taxes. All awards are subject to applicable laws. Finally, your testing must not violate any law or compromise any data that is not yours.

We will do our best to respond to your submission as quickly as possible, keep you updated on the fix, and award a bounty where appropriate.

How to report a bug:

Please report your submissions to [email protected]

Public disclosure of the bug or indication of an intention to exploit it will make the report ineligible for a bounty.

Submitting anonymously or with a pseudonym is OK, but will make you ineligible for BTC/Eth rewards. To be eligible for BTC/Eth rewards, we require your real name and a proof of your identity. Donating your bounty to a charity doesn’t require your identity.