🛠️ What Is the Bug Bounty Program

Binance (including BNB Chain and Binance Smart Chain) offers a security bug bounty program that invites ethical hackers and security researchers to identify and responsibly disclose vulnerabilities. If accepted, valid reports earn financial rewards ranging from $200 up to $100,000 USD, depending on severity:

P0 (Critical): up to $100,000

P1 (High risk): $5,000–$30,000

P2 (Medium): $1,500–$5,000

P3 (Low): $600–$1,500

P4 (Minor): $200–$600

Binance pays the first valid report only and issues rewards within two weeks of verification. Rewards are typically paid in BNB or BUSD, and outstanding submissions may receive discretionary bonuses.

⚙️ How to Participate

Visit the Official Bug Bounty Page

Go to the dedicated bounty portal at bugbounty.bnbchain.org to join the BNB Chain program. Binance also maintains older programs via Bugcrowd.

Submit a Detailed Bug Report

Your submission should include:

Clear steps to reproduce the issue

A proof-of-concept or logs/screenshots

Impact analysis and suggested fixes if available

Specify target: BNB Beacon Chain, BSC, opBNB, etc.

Use the provided template for structure.

Verification & Payout

Binance reviews the submission. If valid, rewards are issued in about two weeks and visible via istributionin your account history

Bonus Opportunities

Binance has previously offered bonus incentives for multiple valid submissions within a timeframe (e.g., +50% for second report, +75% for third) during special campaigns.

Bugcrowd

🔍 What Have Others Reported?

Community discussions reveal mixed experiences:

“The bug severity is P3… worth between $600 and $1,500. Today , Binance implemented exactly my solution without rewarding me.”

This indicates reporting risk: even valid bugs may not be rewarded if Binance considers it non-eligible.