Polygon is working with the community to find security vulnerabilities to keep the Polygon Projects, Developers and Users safe.
The bounty program is to ensure everyone has an opportunity to find bugs in the Polygon system, which will in turn help the team ensure the security of Polygon. Payouts will go up to $5,000 for critical issues.
If you are new to blockchains and/or to Polygon, see Polygon Architecture.
Explore the code on GitHub. There are 3 main repositories for you to study:
Set up a test network locally. See Running a node on the local environment
The Polygon CLI repository is an easy way to setup and manage the entire Polygon stack, including Heimdall, Bor, and the Staking & Plasma smart contracts on a local environment. This would help in simulating tests and attacks locally.
If you want to run a full node on the Polygon Mainnet or Mumbai Testnet, you can follow the links below:
Obtaining tokens for testing
To get tokens, you can access the Polygon faucet and choose the Goerli network to get some tokens.
Check out the forum and join the discussion on Discord.
See also the Immunefi Bug Bounty Program.