# Audit & Bug Bounty (BB)

Bug Bounty program -  also known as a vulnerability rewards program (VRP), offers rewards to individuals (security researchers, hackers) for uncovering and reporting software bugs. The public Bug Bounty program **has unlimited time and budget and everyone** on the platform can participate.  Bug bounty can be done for both closed and open-source code.

Audit - is a service that will be done by a specific company auditor for a **limited time and money and by limited specialists**. Auditing can be done for both closed and open-source code.

| Option                                                             | Bug Bounty                        | Audit by company                   |
| ------------------------------------------------------------------ | --------------------------------- | ---------------------------------- |
| Limited time                                                       | usually no                        | yes                                |
| Limited budget                                                     | usually no                        | yes                                |
| Everyone can submit vulnaribility report                           | yes (and no for private programs) | no                                 |
| Program owner (client) can pay in native token, stable coins, fiat | yes                               | no (usually stable coins and fiat) |
| Only specific company can participate                              | no                                | yes                                |
| Can be done for both closed and open-source code                   | yes                               | yes                                |