About
We reward security researchers for finding and reporting vulnerabilities that help keep our platform secure. Our bug bounty program offers rewards up to $200,000 and bonuses for outstanding contributions.
Here's what you can expect:
- Quick review and triage of reports with high-quality evaluations.
- Full transparency on report decisions, including adding you to duplicate reports on HackerOne.
- Prompt bounty awards after triage, except in rare cases.
We value all contributions, from minor issues to critical vulnerabilities, as they help enhance Shopify's security.