Bug bounty

Overview

Help us identify bugs, vulnerabilities, and exploits in the autonomous agents and get rewarded. This bounty program will run within the testnet network until June 1st, 2020.

Scope

The bug bounty covers any of the autonomous agents deployed on testnet. Duplicate vulnerabilities are ineligible, only the first reporter will be rewarded. The frontend is not in the scope. The code can be found at: https://github.com/bonustrack/oswap/tree/master/public‚Äč

Rewards

The bounty program will pay out rewards according to the severity of a vulnerability with a total budget of $400.

Reward

Severity

Examples

$100 to $200

Critical

Stealing assets from a pair, permanently freezing pair assets

$50 to $100

Major

Severe rounding errors where an attacker can steal funds

$0 to $50

Minor

Informational and code quality based disclosures

Reporting

Please report any findings to [email protected] or fabien#4765 in Discord with full details about any vulnerability and steps / code to reproduce. Allow us time to review and remediate any findings before public disclosure.