| And yet there's so much that is there! The Normal protocol. The View Change protocol. The CTRL protocol from PAR (that you don't get to see often). Thousands of lines of code that are incredibly hard to get right. All the fault models. The storage fault model alone is also not something you find many distributed systems attempting, let alone paying bounties for. It's also not common to find bounties that go out of their way to help you. TigerBeetle's bounty ships with a state of the art Deterministic Simulation fuzzing tool that you can use to explore interesting state spaces quicker. It will even classify bugs as liveness or correctness for you. It's like your own Jepsen, except you can inject storage faults, speed up time, and replay anything you find from a seed. Again, the only reason we were explicit about scope really, is because of our own experience doing bounty programs that were underspecified. For example, while it should be clear enough that this is a distributed systems and consensus bug bounty challenge, literally called “Viewstamped Replication Made Famous”, we didn't want anyone to be confused and think it was a security bug bounty. That's the only reason it's excluded, because we want people to break our consensus. Nevertheless, we do have small awards for interesting findings. So I hope you'll give it a shot! We'd love to announce and award your findings. For example, why not take on the challenge during HYTRADBOI's database jam? https://www.hytradboi.com/jam |