Bug bounty
Last updated
Last updated
Help us identify bugs, vulnerabilities, and exploits in the autonomous agents and get rewarded. This bounty program will run within the testnet network until June 1st, 2020.
The bug bounty covers any of the autonomous agents deployed on testnet. Duplicate vulnerabilities are ineligible, only the first reporter will be rewarded. The frontend is not in the scope. The code can be found at: https://github.com/bonustrack/oswap/tree/master/public
The bounty program will pay out rewards according to the severity of a vulnerability with a total budget of $400.
Please report any findings to fabien@bonustrack.co or fabien#4765 in Discord with full details about any vulnerability and steps / code to reproduce. Allow us time to review and remediate any findings before public disclosure.
Reward
Severity
Examples
$100 to $200
Critical
Stealing assets from a pair, permanently freezing pair assets
$50 to $100
Major
Severe rounding errors where an attacker can steal funds
$0 to $50
Minor
Informational and code quality based disclosures