[DIS] Bug Bounty Program
Posted: 07 May 2016, 18:39
I'm bad with words so here's the idea: a bug bounty program. We could give rewards for reporting bugs and the reward would depend on bug severity.
Why?
Because we don't have nearly enough testers so most bugs are only found once code hit the main server. Also, some players like to keep bugs to themselves so they can exploit the heck out of it before it gets patched. By giving rewards for reporting bugs we create incentives to test and incentives to not exploit but instead report.
Proposal:
Why?
Because we don't have nearly enough testers so most bugs are only found once code hit the main server. Also, some players like to keep bugs to themselves so they can exploit the heck out of it before it gets patched. By giving rewards for reporting bugs we create incentives to test and incentives to not exploit but instead report.
Proposal:
- Players may report as many bugs as they want and are encouraged to do so, but each individual bug may only be rewarded once. If a player reports a bug that was already reported they get no reward (or maybe a tiny thank you reward).
- Players must be able to reproduce the bug (preferably on the test server)
- Official developers with repository access (git push) can not get rewards for reporting bugs (else we could just make up bugs ourselves then report for rewards)
- Players can not get rewards for bugs they might have reported before the bug bounty program existed
- Bugs that exist only on the test server and that are caused by WIP code are not eligible for a reward
- Anyone that is caught exploiting a bug before reporting is not eligible for a reward
- Rewards will depend on the severity of the bug
- A - map bugs or other visual bugs
- B - bugs that prevent from completing/starting a quest or from using some skill/attacks/spells
- C - bugs that crash the server
- D - bugs that allow to do a quest again and again, that gives too many items, or that allows to obtain several times the same items
- E - bugs that consume items (ie a buggy quest that takes your items but gives nothing) or breaks quest state permanently
- S - bugs that gives GM/Dev/Admin powers (ie @block) or GM/Dev items (ie GM cap)
- SS - bugs that allows to use someone else's account or characters (or to impersonate them), or that exposes passwords or any non-public account information (ie email)
- SSS - bugs that gives access to the server, git repos, SQL databases, or any external assets controlled by TMW