Bug Bounty
In Season 3, 2% of the entire Prize Pool will be allocated to rewarding players who report Critical Bugs. These bugs must be reproducible and pose a significant threat to the game’s economy, integrity, or fair play.
What Qualifies as a Critical Bug?
Critical Bugs include, but are not limited to:
Item Duplication – Any method that allows players to duplicate items, including Silver
Coin Exploits – Any exploit that allows a player to obtain significantly more Coins than intended by the game mechanics.
Security Vulnerabilities – Any method that significantly compromises game, player, or infrastructure security - account hijacking, database hacks, data manipulation, etc.
Contract Vulnerabilities – Exploits or security flaws in smart contracts that could result in unauthorized transactions or loss of assets.
Leaderboard or Ranking Exploits – Bugs that allow unfair manipulation of in-game rankings, achievements, or rewards.
Bounty Rewards
The reward amount will depend on the severity and impact of the bug.
Reports must include detailed reproduction steps and evidence.
Rewards will be distributed after verification and patching of the bug.
Only the first reporter of a unique Critical Bug will be eligible for a bounty.
How to Report a Critical Bug
To submit a report, create a ticket in our Discord with the following details:
Your in-game username
A clear description of the bug
Steps to reproduce the bug
Any relevant screenshots or video evidence
Alternatively, send us an email at security@cambria.gg
Disclaimers
Reporting a bug does not guarantee a reward.
Exploiting the bug before reporting will void eligibility.
Sharing or selling the exploit instead of reporting it will result in a permanent ban and ineligibility for rewards, both from the game prize pool and from the bug bounty program.
The development team reserves the right to determine the reward amount based on severity and impact.
Our History
Season 2 (14 days) - paid 35.76 ETH to bug bounties
Last updated