Bug Bounty

Category
Bounty
Description

Low

$100 - $300

Minor bugs or inconsistencies around the accuracy of the data shown on the frontend vs the calculated/executed data on the backend, tiny error margin should not be considered as a bounty. These type of reports should not have any real impact on the business operations.

Medium

$300 - $2,000

Vulnerabilities which can arise from a DDoS, social engineering and deceit. Fostering a security and ensuring that the security can be bypassed and acted on behalf of the customer by either having physical access or social engineered access. Has impact on the business operations.

High

$2,000 - $10,000

Gaining unauthorised access (limited or full) to a sub system which contains sensitive data, being able to copy or modify this data which does not really affect customer's balances. Anything which results in data loss which will need recovery.

Critical

$10,000 - $100,000

Critical reproducible exploits which can either affect the existing customer or other customers balances. Anything which is critical to the business operations and results in loss of funds.

Process

  1. Once a bug report has been filed, our team will validate the bug

  2. Once the bug has been validated, our team will create a patch for the bug

  3. Bug bounties will be paid out once the reported bug has been resolved and tested

  4. Timelines may vary based on severity

Users can submit a bug report via our discord ticketing system at the following link https://discord.com/invite/rabbitx

Last updated