Bug Bounty Program
We are serious about our platform and your funds' security. That is why we have audited our smart contracts, as well as looking forward to audit with more auditors. However, we believe that there is still the possibility that someone else might have found vulnerabilities on our platform which we are very grateful for, and should be rewarded with bounty.
- The vulnerabilities found on our smart contracts have an impact on the security of users' fund
- The vulnerabilities are not disclosed anywhere else and should be able to reproduce by the team
- The vulnerabilities were not discovered or reported by somebody else
- The vulnerabilities report should include sufficient detail, possible proof-of-concepts, as well as the rationale why the vulnerability is harmful to the system
- The vulnerabilities can be exploited by using the conventional executions of smart contracts
- The team reserves the right to decide the severity and bounty for the vulnerability, and the decision is final
- Please wait for at most 7 days after the vulnerability is reported. The team will respond as soon as possible.
- If the vulnerability is confirmed and mitigated, the bounty will be rewarded according to the severity of the vulnerability, together with the aforementioned terms and conditions.
As security is one of the most vital parts of our platform, we are making sure that our platform has an adequate level of security such that investors can confidently invest in our platform.