Join our Bug Bounty Program and get rewarded. Help us find the bugs π
π π π¦
The Bridge Champ team recognizes the value external experts bring to usability, stability, and security. We welcome β and reward β eligible contributions from researchers.
If you believe youβve found a bug or security vulnerability, we encourage you to report it right away. Before submitting a report, please review this page β including our disclosure policy, reward system, and program scope.
ΒΆ Responsible Research and Disclosure Policy
To participate in the Bug Bounty Program, researchers must agree to:
- Never interact with user accounts without explicit written consent from the account holder.
- Avoid privacy violations or service disruptions (including unauthorized data access or degradation).
- Test only using your own account or accounts with explicit consent.
- Provide reasonable time for us to resolve issues before public disclosure.
- Not be an employee, contractor, or immediate family of anyone at Bridge Champ or its affiliates.
- Be at least 18 years old.
We reward researchers who help improve our platform. Rewards are discretionary and based on risk, impact, severity, and reproducibility.
- Identify and report a bug or vulnerability affecting usability, stability, or security.
- Report it as soon as reasonably possible after discovery.
- Submit via the in-game feedback form or by emailing info@bridgechamp.com.
- We investigate all valid reports. Response time may vary based on priority.
- Minimum reward: 1,000 IGNIS. High-impact reports can earn up to 20,000 IGNIS.
- We consider the exploitability, impact, and quality of your report.
- Lower rewards apply for issues affecting only outdated browsers/devices.
- Duplicates are rewarded only once β to the first valid submission.
- We may publish anonymized reports or a leaderboard of contributors (unless you request otherwise).
- Bridge Champ reserves the right to update or cancel the program at any time.
Rewards are paid in IGNIS, a cryptocurrency maintained by our parent company Jelurida. Payments are made directly to your Ardor blockchain account associated with your Bridge Champ username. Learn more about IGNIS at jelurida.com/ignis.
Current reward levels:
- Class 1 β Minor issue: 1,000 IGNIS
- Class 2 β UI, bot misplays, visibility issues: 2,000 IGNIS
- Class 3 β Logic error, wrong score, bad bid: 5,000 IGNIS
- Class 4 β Session crash, bot stuck, major bug: 10,000 IGNIS
- Class 5 β Critical security vulnerability: 20,000 IGNIS
- When reporting bot behavior, use the in-game feedback form β no screenshots needed.
- Please read the bot's convention card first β reports based on misunderstandings will be ignored.
- Reports involving 1 HCP differences or legitimate alternative play lines may be ignored.
- Severe bot misplays (e.g., passing over artificial bids) may be classified as Class 4. Otherwise, most bid/play issues will fall under Class 2 or 3.