Trustly PostgreSQL Data Corruption Bug Bounty Program

Most people take for granted that PostgreSQL will never corrupt their data, because the database has such an impressive track record and few users will ever experience any data corruption problems, even after years of continuous heavy load.

But just as we shouldn't take our beloved ones for granted, we shouldn't take the reliability of PostgreSQL for granted. We want to give a small monetary incentive to the people who look after our beloved PostgreSQL and make sure that data corruption problems never ever reach a release candidate.

What's the bounty?

Trustly pays USD 1024 per verified data corruption bug in the HEAD of the master branch of PostgreSQL.

Trustly's bug bounty program is not associated with the official PostgreSQL project. It is a completely separate initiative; its only connection to the project is that the bugs we want found happen to be in the code the PostgreSQL project maintains.

The bug must be demonstrated against the HEAD of the master branch of the official PostgreSQL git repository, and must not have been reported or discovered earlier.

Reproducing the bug must not require any type of hardware failure or any unreasonable action by the administrator, such as turning off fsync or full_page_writes (settings the PostgreSQL documentation itself warns can leave the database unrecoverable after a crash). However, you are allowed to crash the server at will, for example by killing the postmaster or by an immediate shutdown.

The submitted bug must be reproducible in a unit test and show any of the following phenomena:

  • Database not starting up after a shutdown or a crash
  • Acknowledged commit not recoverable (data silently disappeared, or errors while trying to read or modify the data)
  • Data not written to the database appearing in SELECTs (duplicates of the same row, deleted rows reappear, or garbage data)

You are allowed to assume that PL/pgSQL is available. A bug that can be demonstrated to cause any of the above phenomena only from inside a PL/pgSQL function is still eligible for the bounty, with one exception: a PL/pgSQL-only bug whose sole symptom is an error when trying to read or modify data does not qualify.
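To make the reporting criteria concrete, here is a minimal crash-recovery probe of the kind a submission's unit test needs to contain. It is an added example written for this page, not Trustly's code and not part of the PostgreSQL test suite. It assumes that initdb, pg_ctl and psql from the build under test are first on PATH; the data directory, socket directory, port and the table name t are placeholders. The cluster keeps fsync and full_page_writes at their defaults, as the rules require, and the "crash" is pg_ctl's immediate shutdown, which aborts every server process without a checkpoint and forces WAL recovery on the next start. The classify_recovery function maps the outcome onto phenomena 2 and 3 (acknowledged keys missing; keys present that were never acknowledged, or duplicated), and a failed restart is reported as phenomenon 1.

```sh
#!/bin/sh
# Crash-recovery probe for the three bounty phenomena. Added example for this
# page, not Trustly's or the PostgreSQL project's code. Assumes initdb, pg_ctl
# and psql from the build under test are on PATH; the paths, port and table
# name below are placeholders.
set -u

PGDATA="${PGDATA:-/tmp/pgcrash-data}"      # assumed scratch cluster location
SOCKDIR="${SOCKDIR:-/tmp/pgcrash-sock}"    # private socket dir, avoids a real server
PGPORT="${PGPORT:-54329}"
LOG="$PGDATA.log"

# Run one SQL statement as the cluster superuser; exit status 0 means the
# server acknowledged it (for an autocommit INSERT, that includes its COMMIT).
sql() {
    psql -X -q -A -t -h "$SOCKDIR" -p "$PGPORT" -U postgres -d postgres -c "$1"
}

# classify_recovery "ACKED KEYS" "OBSERVED KEYS"
# Compares keys whose COMMIT was acknowledged before the crash with the keys
# SELECT returns after recovery. Prints "ok", or "lost:<keys>" for phenomenon 2
# (acknowledged rows gone) and/or "extra:<keys>" for phenomenon 3 (rows never
# acknowledged, or duplicates of an acknowledged row).
classify_recovery() {
    awk -v want_s="$1" -v have_s="$2" 'BEGIN {
        n = split(want_s, e); for (i = 1; i <= n; i++) want[e[i]]++
        m = split(have_s, o); for (i = 1; i <= m; i++) have[o[i]]++
        for (i = 1; i <= n; i++) {
            k = e[i]
            if (!(k in have) && !(k in seen)) {
                seen[k] = 1; lost = lost (lost == "" ? "" : ",") k
            }
        }
        for (i = 1; i <= m; i++) {
            k = o[i]; w = (k in want) ? want[k] : 0
            if (have[k] > w && !(k in seen)) {
                seen[k] = 1; extra = extra (extra == "" ? "" : ",") k
            }
        }
        out = ""
        if (lost != "")  out = "lost:" lost
        if (extra != "") out = out (out == "" ? "" : " ") "extra:" extra
        print (out == "" ? "ok" : out)
    }'
}

# Fresh cluster with fsync and full_page_writes left at their defaults (on),
# since the rules disallow turning either off.
cluster_init() {
    rm -rf "$PGDATA" "$SOCKDIR" && mkdir -p "$SOCKDIR" &&
    initdb -D "$PGDATA" --auth=trust --username=postgres >/dev/null
}

cluster_start() {
    pg_ctl start -D "$PGDATA" -w -l "$LOG" -o "-p $PGPORT -k $SOCKDIR" >/dev/null
}

# Simulate a crash. Immediate mode aborts every server process without a
# checkpoint, so the next start must replay WAL; "kill -9" on the postmaster
# pid (first line of $PGDATA/postmaster.pid) is the harsher alternative.
cluster_crash() {
    pg_ctl stop -D "$PGDATA" -m immediate >/dev/null
}

# Commit ROUNDS rows one transaction at a time, crash, restart, compare.
probe() {
    rounds=$1 acked="" i=1
    sql "CREATE TABLE t (k int PRIMARY KEY, payload text)" >/dev/null || return 1
    while [ "$i" -le "$rounds" ]; do
        # Count a key only once psql reports success, i.e. after the COMMIT
        # was acknowledged; anything else may legitimately be lost in a crash.
        if sql "INSERT INTO t VALUES ($i, repeat('x', 100))" >/dev/null; then
            acked="$acked $i"
        fi
        i=$((i + 1))
    done
    cluster_crash
    if ! cluster_start; then
        echo "phenomenon 1: server did not start after crash, see $LOG"
        return 1
    fi
    observed=$(sql "SELECT k FROM t ORDER BY k" | tr '\n' ' ')
    verdict=$(classify_recovery "$acked" "$observed")
    echo "recovery check: $verdict"
    [ "$verdict" = "ok" ]
}

# Usage: sh pgcrash.sh run [ROUNDS]   (touches a server only when asked to)
if [ "${1:-}" = "run" ]; then
    cluster_init && cluster_start && probe "${2:-200}"
    status=$?
    pg_ctl stop -D "$PGDATA" -m fast >/dev/null 2>&1
    exit "$status"
fi
```

Run it as sh pgcrash.sh run 200 against a master build. A single crash of an otherwise idle server will not turn anything up by itself, and that is the point: the value of such a harness is in what you put between the commits and the crash (concurrent writers, VACUUM, checkpoints, index builds, replication) and in re-running the loop across many commits of the master branch, so that the acknowledged-versus-observed comparison is exactly the check a reviewer can re-run from your report.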

Why?

With this bug bounty program, our hope is to incentivize more people to work on new clever ways of testing PostgreSQL or to invent other methods capable of finding data corruption bugs in PostgreSQL.

The objective is to reduce the number of commits between the commit that introduces a data corruption bug and the commit that fixes it.

If bugs in the master branch are not detected early enough, there is a risk they will stick around undetected long enough to be included in a released version of PostgreSQL.

If instead a new data corruption bug introduced in the master branch is fixed before it is ever included in a release, then no harm is done from a user perspective, since users who care about their data run only released versions of PostgreSQL in production.

How?

To report a data corruption bug, please first submit it to the PostgreSQL project by following the instructions at http://www.postgresql.org/support/submitbug/. Once the bug has been verified by the PostgreSQL project, go to http://www.postgresql.org/list/pgsql-bugs/ to locate your bug report and its message-id, then e-mail your bug report to bug-bounty@trustly.com to collect your reward.

Bounties are awarded at the discretion of Trustly. We only pay individuals. Please allow up to two weeks for us to verify a found bug.