The reward criteria and distribution process in bug-bounty.md are not detailed enough

[XXXJCSAMA]

In the file v3-core/bug-bounty.md, only the maximum reward of $500,000 is mentioned, but specific details such as the evaluation criteria for rewards, the distribution process, and timelines are missing. This lack of clarity makes it difficult for participants to understand how rewards are determined and distributed. It is recommended to supplement the document with detailed reward criteria and distribution procedures to improve transparency and attract more security researchers to participate in vulnerability reporting.