Bug bounty program
Are you a programmer or hacker? Are you looking for glory, fame and a bit of compensation? You might have found the right place
We are looking for skilled hackers to fix serious issue in our game and web software. Monetary rewards would be sent to you through PayPal.
Feel free to ask questions to Tyron on Discord or through the Support ticket system. If you found a solution, please do test if it does not break other parts of the game, then write us a support ticket as well. Rewards are only given for the listed issues below. Thank you and happy hunting!
Discover a serious vulnerability
The Vintage Story Game Server, Game client, account manager and the official site should be safe for users to use and not leak any sensitive user data. If you find such vulnerability, we'd greatly appreciate it if you report them to us.
Please Note: No bounties are awarded for known issues.
Please Note 2: We are not looking for DoS/DDoS/Flood/Spam vulnerabilities, so do not launch any sort of DoS attacks on our services.
Reward: Depending on severity 30 to 200 Eur, 1 to 5 game keys
Google Authenticator Sample Implementation in PHP
We would like to support Two-Factor Authentication for our client area using the Google Authenticator. Unfortunately most sample code in PHP looks outdated or unnecessarily convoluted. We are looking for a small and self-contained sample implementation under 200kb uncompressed, requiring less than 100 files, uploaded to a Github repository with a license of your choosing as long as we can use it commercially in return for a bounty. Installation/Integration should be a few simple steps.
Reward: 450 Eur, 2 game keys
Improved networked physics
Currently the game simulates collision detection and gravity on the client, while the server additionally simulates creature movement and knockback. The server then sends position updates on all creatures in a 200ms interval (system ServerSystemEntitySimulation in VintageStoryLib.dll). The client uses this information to try to generate smooth motion from that in BehaviorInterpolatePosition.cs. This causes multiple issues - amongst them: Creature knockback is not smooth, other players jumping is not smooth, arrow shot by the bow appears delayed on the client, jumpy dropped items on block edges (easily reproducable by dropping a stack of items at a block edge). We'd like to improve the quality of networked physics simulation. One possible solution could be deterministic lockstep.
Reward: 400 to 1000 Eur, 2 to 20 game keys - depending on the quality of the solution and how many issues it solved.
Implement a custom line renderer
In some areas of the game we need to render straight lines, such as when highlighting the currently looked at block, or during the crafting mechanics knapping, clay forming and smithing. For this we use the line rendering mode from the OpenGL specs (GL_LINES), but it has only limited support on some hardware. On the new Mac Chips it does not seem to work at all anymore. It also does not support antialiasing or miter options. We need to replace it with a custom implementation - one that can replace our current system without too much effort. The 'Drawing lines is hard' article might provide a good starting point. Your implementation should be a Proof-Of-Concept Vintagestory mod that mostly uses our Render API to draw these lines.
Reward: 400 Eur, 3 game keys
Prettier cloud rendering
Our current clouds are halftransparent rectangular boxes with odd looking overdraw visuals. It would be really nice if we could make them somewhat more fluffy looking, while still keeping them in a roughly rectangular shape. Ideally only by editing the renderer and shader files, because the cloud system is deeply integrated into our weather system that should remain unchanged. Disclaimer: I have a very particular looks that I want VS to have, so it might be difficult to get it just right.
Reward: 500 Eur, 3 game keys
Suggest your own bounty
Is there something you'd strongly feel is amiss in the game? Feel free to contact us with an offer! Please keep in mind, these modifications should be limited to a few files. Wide ranging edits would require a lot of work on our end. The result should also be well tested.
Reward: xx Eur, x game keys