Our goal is to make contributing to the Solana project transparent and straightforward. Looking to contribute something to Solana? Here's how you can help.
The issue tracker is the preferred channel for bug reports and other various issues. Please respect the following restrictions:
- Please do not use the issue tracker for personal support requests. Discord is the hub for support.
- Please do not undermine other issue submissions. If a user is looking for our support venue, please direct them to the Discord.
Our issue board utilizes several labels to help organize and identify issues. Here's what they represent and how we use them:
- add labels here
For a complete look at our labels, see the project labels page.
All code-based contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit the CLA homepage.
When you submit a pull request to any Solana Labs repo, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately. Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
After you sign the CLA, and we accept your contribution under our Bounty outlines, our team will contact you for more information regarding legal and payment proceedings.
Security issues should be reported privately, via email, to the Solana team securely at [email protected]. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the [Mission Critical PGP](insert pgp key here)key, can be found in the Security Guidelines.
To encourage contributions to the Solana project, the Solana Labs team has allocated funds for a bounty program. We use GitHub issues to classify issues that are available for bounty program rewards. See current bounties [here](add link to GitHub label).
Payout amounts are derived from the engineering team's classification of the bounty into our predetermined buckets:
s
: Small Bounties ($1-2)m
: Medium Bounties ($3-5)l
: Large Bounties ($8-12)
Upon creating a pull request fulfilling one of the outlined bounties, our engineering team will review your code and confer with the operations team whether or not your submission is in fulfillment of the predefined guidelines. If your code passes our review, we'll merge your contribution, and then be in touch about legal and payment proceedings.
All participants in the Solana Bounty Program need to sign an acknowledgement of the terms of the program. The eligibility criteria live here.
Fill out this Google Form to confirm your acknowledgement.
By contributing your code, you agree to license your contribution under the Solana Modified Apache 2.0 License. You also agree that you have agreed to the terms outlined in our CLA, which can be found [here](add CLA link).
The Solana Bounty program is an experimental rewards program for our community to encourage and reward those who are helping us to improve Solana. We can close the program at any time, and rewards are at the sole discretion of the Solana Labs team. All rewards are subject to applicable law and thus applicable taxes. Don't target our physical security measures, or attempt to use social engineering, spam, distributed denial of service (DDOS) attacks, etc. Lastly, any bug testing must not violate any law or compromise any data that is not yours.