You are viewing an archive of the Piccadilly Circus Games Competition. Join our Discord for the latest information.
Bug Bounty
Find and report bugs to win points. The top 20 bug finders in Round #6 win an award. A roulette will also run, selecting 5 bug finders who were not winners in a round, and those 5 win an award as well.
Synopsis
You compete in this challenge by submitting valid bugs against Autonity code and documentation. One bug submission can be made per issue raised against any of the five eligible projects:
- https://github.com/autonity/autonity
- https://github.com/autonity/autonity-oracle
- https://github.com/autonity/autonity.py
- https://github.com/autonity/aut
- https://github.com/autonity/docs.autonity.org
Bugs can be submitted at any point between the start time of the Games and the end time of the final Game Round #6. Bugs submitted outside of this period will not be considered. But it’s fine to submit bug reports between game rounds; they will simply be counted in the next round.
In this game task, the term bugs really means issues. There are three types of “bugs” that are eligible for this task:
BUGS: issues that an eligible project’s code owner(s) agree should have thebuglabel in github.INTEGRATION: issues with integrating the eligible projects, or integrating an eligible project with other EVM ecosystem tooling that the eligible project’s code owner(s) agree should lead to a change in the eligible project’s code.DOCUMENTATION: issues or improvements to documentation of the eligible projects. Documentation refers to docs.autonity.org and repo readme’s and command--helpmessages of all eligible projects.
A roulette award is also run at the end of the round, giving game participants who have entered for an education task but not yet won an award an opportunity to win.
How to enter
How to submit issues to Bug Bounty
Ready to take part? Complete the Games Registration Form if you haven’t done so already.
Bug Bounty entries are submitted in a 2-step process:
- Raise – Create GitHub issue in one of eligible projects repositories. Follow the project’s conventions for raising issues as you would if you were not doing this as part of the Games.
- unless the issue is security critical, in which case do not raise a GitHub issue and follow the instructions in SECURITY.md instead.
- Submit – Use the Report a Bug Form to submit the above issue to the Games.
Submissions are triaged by a community panel made up of the Autonity core development team. Points are earned for submissions that are considered valid bugs. Submissions reporting issues that have been already raised in an eligible project repository or otherwise publicly known by the project’s maintainers (e.g. on a Known Issues page) will not be considered valid bugs.
Awards
The bug bounty challenge has 2 awards across which a total award pool of 25000 Award Tributes is distributed:
| Sub-task | Task award pool share | Award Tributes |
|---|---|---|
| Bug Bounty | 80% |
20,000 |
| Roulette Award | 20% |
5,000 |
Upon completion of Round #6, selected winners will win Award Tributes per the table beneath.
| Task | Award Tributes | Winners |
|---|---|---|
| Bug Bounty | Up to 20,000 Tributes | 20 winners |
| The Roulette Award | 1000 Tributes per winner | 5 winners |
Task: Bug Bounty
The Bug Bounty challenge for Round #6 is allocated 20,000 Award Tributes and up to 20 winners.
To take part, find and submit bugs in any of the eligible projects:
- https://github.com/autonity/autonity
- https://github.com/autonity/autonity-oracle
- https://github.com/autonity/autonity.py
- https://github.com/autonity/aut
- https://github.com/autonity/docs.autonity.org
Then, submit a bug report for each bug you find as described in How to enter on this page.
Points earned for the task are scored for each valid bug submission depending on the type and severity of the bug, as evaluated by panel. Here is the point scoring rule:
| Type | Severity | Points |
|---|---|---|
DOCUMENTATION |
None | 10 |
BUG |
LOW |
15 |
BUG |
MEDIUM |
25 |
BUG |
HIGH |
50 |
BUG |
CRITICAL |
100 |
INTEGRATION |
None | 15 |
Roulette Award
The award is allocated 5,000 Award Tributes and up to 5 winners.
The roulette gives every game participant that has reported a valid bug for the Bug Bounty task but not won a Bug Bounty prize a chance to win an award!
The roulette is run after Round #6 Bug Bounty task submissions have been judged. It randomly selects 5 participants who have entered for the Bug Bounty task during the PCGC but have not been chosen as a winner.
5 roulette winners are chosen, winning 1,000 Award Tributes each.
Scoring rule
Task: Bug Bounty
Bug Bounty is scored using a methodology based on:
- an award pool of a fixed amount for a task
- a floor and ceiling for participation and winner numbers to calculate winner award allocations:
- a significance threshold \(R\) of
95%. The top ranked users that accumulate 95% or more of the total score for the task are eligible. This puts a minimum score floor on the task. - a minimum number of participants below which a partial distribution of the reward allocation takes place - \(N_{fb}\)
- a maximum number of winners for the task - \(N_{max}\)
- a significance threshold \(R\) of
- points are scored for task completion by stated scoring criteria
- winners are judged by scoreboard position with tie-breaks resolved by scoreboard ranking. In the case that participation is higher than \(N_{max}\), the top scoring participants up to \(N_{max}\) will be chosen as winners.
- task participation must be significant. Only significantly scoring participants are counted - i.e. the top ranked users that have accumulated the \(R\) of 95% or more of the total score
- awards from the pool are distributed to the winners. Each winner’s award amount is calculated according to their score and the total number of winners.
The significance threshold puts a minimum score floor on the task. Scores must be in the \(R\) top 95 percentile to be eligible for an award.
The \(N_{fb}\) floor allows for a low participation scenario resulting in the entire award pool going to a few participants rather than the wider community. If this scenario were to happen, then the remaining reward allocation is carried forward for future incentives.
The scoring rule parameters for the task are set as:
| \(N_{fb}\) | \(N_{max}\) | \(R\) |
|---|---|---|
10 |
20 |
95% |
Where:
- \(N_{fb}\): the minimum number of task participants below which a partial distribution of the reward allocation takes place,
- \(N_{max}\): the maximum number of winners for the task,
- \(R\): the significant participant threshold for the task.
Points earned for accepted bug submissions will be allocated after triage assessment completes, after midnight (UTC). The task scoreboard can be viewed on the Leaderboards page.
Roulette Award scoring
Every valid non-winning submission for the Bug Bounty task submitted during PCGC Game Rounds 1 to 6 inclusive is auto-enrolled in the Bug Bounty challenge roulette award.
The roulette randomly selects 5 roulette winners, winning 1,000 Award Tributes each.