Skip to main content

Qubic Bug Bounty Program

Welcome to the Qubic Bug Bounty Program! We believe in a safe and secure ecosystem for our users, which is why we encourage and incentivize the identification and reporting of any potential security vulnerabilities in our system.


All aspects of the Qubic ecosystem are in scope, including but not limited to:

  • Core protocol
  • Qubic Units (QUs)
  • Smart Contracts
  • Wallet software


  1. Responsible Disclosure: Do not disclose the details of the bug publicly before it has been addressed and a patch has been released.
  2. No Harm: Do not exploit the bug beyond what is necessary to demonstrate it.
  3. Do Not Interfere: Avoid disrupting any services or data during your testing.


Please submit a detailed bug report to including the following information:

  • Description of the issue
  • Steps to reproduce
  • Potential impact

Reports that do not include this information may not qualify for a bounty.


Bounties will be awarded at the discretion of the Qubic development team based on the severity and impact of the reported issue. A minimum of 1 bln QUs will be awarded for any legitimate and previously unreported security vulnerability.


Successful participants who help make the Qubic ecosystem more secure will be acknowledged publicly (unless they prefer to remain anonymous). Together, we can build a more secure and robust Qubic ecosystem.