Multisig escrow & P2P Bitcoin surfaces
HodlHodl concentrates peer-to-peer Bitcoin trading with 2-of-3 multisig escrow: trade listings, multisig address generation, deposit confirmation, release authorization, dispute arbitration, fee accounting, chat mediation — fertile ground for multisig key theft, escrow bypass, dispute manipulation, coin stealing via signature replay. Each critical earns $5,000.
As a non-custodial P2P exchange, HodlHodl uses 2-of-3 multisig: the platform, the buyer and the seller each hold one key, and any two signatures release funds. Any bug that lets an attacker forge, steal, or bypass a signature requirement is a direct critical. Materially in scope: every host under hodlhodl.com and its subdomains for trading, APIs, chat, dispute panels, admin consoles, and wallet infrastructure.
The only exclusions are civil ones: theft-as-a-service against counterparties and harassment.
Why pressure-test HodlHodl?
Flat $5K critical payouts
Validated critical exploits earn exactly $5,000 USD.
Full-scope boundary
Every endpoint HodlHodl operates is in-scope.
Multisig risk
2-of-3 escrow means a single key leak or signature logic bug unlocks real Bitcoin. Every such vulnerability is a critical.
The critical reward benchmark
- Flat rate — no haggling
- Payable on kill chain + attack reproduction
- First PoC wins
What's in scope
| Target | Category | Reward |
|---|---|---|
| hodlhodl.com, subdomains, web UI | Web | $5,000 / validated bug |
| P2P trade & multisig escrow APIs | Backend | $5,000 / validated bug |
| Multisig key management · signature verification | Crypto | $5,000 / validated bug |
| Dispute arbitration · admin overrides | Ops | $5,000 / validated bug |
Everything HodlHodl operates — no exclusions list
Sandbox multisig environments, Telegram/bot hooks, API integrations — all eligible.
- Vanity domains CNAME'd into HodlHodl edge
- Multisig SDKs or scripts HodlHodl ships to traders
- On-ramp/off-ramp callbacks verified with HodlHodl secrets
Rules of engagement
- Prove exploitation success. Provide scripts, HARs, signature traces.
- Number your hops. Entry → multisig bypass → BTC loss.
- Minimize real-user blast radius. Prefer testnet/mirrors.
- Private coordination first. Use official intake on hodlhodl.com.
- Duplicate fairness. First qualifying PoC wins.
How to submit a report
Use the security disclosure contact on https://hodlhodl.com/ (security@hodlhodl.com — verify on the live site).
- Summary and type of vulnerability
- Numbered kill chain
- Proof of successful exploitation
Multisig signature replay · show parallel signatures
Illustrative signature reuse across trades — worthless without on-chain evidence on hodlhodl.com.
```typescript
// BUGGY: signature not bound to trade ID — can be replayed across trades
// db, bitcoin and broadcast are the platform's own helpers, assumed to be in scope here
async function verifyAndRelease(tradeId: string, sig: string, pubKey: string) {
  const tx = db.getReleaseTx(tradeId);
  const valid = bitcoin.verifySignature(tx.toHex(), sig, pubKey);
  // Missing: check nonce/tradeId in signed message!
  if (!valid) throw new Error('invalid sig');
  await broadcast.send(tx); // Re-used signature releases a different trade's BTC
}
```

Frequently asked questions
Is hodlhodl.com fully in scope?
Yes. Any host or subdomain HodlHodl operates is in scope.
What qualifies as a critical?
Multisig key theft, signature bypass, escrow release without 2-of-3, dispute manipulation, admin takeover.
Can I test on mainnet?
Prefer testnet. If mainnet is unavoidable, use minimal amounts and document every step.