Bug bounties are rewards offered by companies to individuals who find and report vulnerabilities in their software. Individuals receiving these rewards are typically ethical, or ‘white-hat,’ hackers attempting to bypass security measures as part of ‘bug bounty programs.’ Companies running such programs will usually specify the types of flaws it is looking for, as well as their accompanying bounties (either a fixed amount or a specified range). Bug bounty programs can be run as crowdsourcing initiatives or as private operations requiring invitations. Notable bug bounty programs involving blockchain include those run by Ethereum, Binance, and Ledger. There are also third-party platforms, such as Bounty0x, designed to aid companies in establishing bug bounty programs.