Celestia has officially launched a bug bounty program in partnership with HackenProof. The program offers rewards of up to $750,000 for valid reports that expose critical vulnerabilities across key repositories in the Celestia tech stack.
What the Program Covers
The scope of the program includes Celestia’s core components such as celestia-core, celestia-app, celestia-node, rsmt2d, go-square, and others. These repositories play a foundational role in how Celestia separates consensus and data availability from execution—a core tenet of its modular architecture.
Rewards are structured according to the severity of the discovered vulnerability:
Critical: Up to $750,000
High: Up to $250,000
Medium: Up to $50,000
Low: Up to $10,000
Submissions must include a working proof-of-concept and adhere to coordinated disclosure practices outlined in the program rules. Notably, only the first valid report of a given vulnerability is eligible for a bounty.
Key Criteria and Process
To qualify, researchers must:
Stay within the program’s defined scope.
Provide a detailed report and working exploit.
Avoid testing on mainnet or using production infrastructure.
Complete KYC requirements prior to reward distribution.
The program excludes issues like DDoS attacks, social engineering, and bugs in third-party dependencies not explicitly listed. It also requires that vulnerabilities be disclosed exclusively through HackenProof’s platform.
Strengthening Celestia's Ecosystem
The bug bounty initiative highlights Celestia’s commitment to infrastructure security as it continues to scale modular blockchain adoption. By encouraging independent security research, the project aims to fortify its system before wider ecosystem growth and more complex rollups deploy on top of its stack.
——————————————————
About Stakecito Labs
At Stakecito Labs, we've honed our craft as validators. Our reputation as the third-largest validator by delegation count within the Cosmos ecosystem speaks to our unwavering dedication and the trust placed in us by over 270,000 delegators worldwide.
Our validation services are not just about maintaining Cosmos blockchain networks though; we validate networks outside of Cosmos as well (NEAR, Aleph Zero, etc.).
Our core mission is centered on demystifying blockchain technology to ensure it's accessible for everyone, from newcomers to seasoned investors. To begin staking, visit our homepage.
Stake with Stakecito | Follow us on Twitter | Subscribe to Our YouTube | Governance
——————————————————
