📜 About the Bug Bounty Program

Bug bounty programs are initiatives that enable ethical hackers to use their technical skills to discover vulnerabilities in a protocol and get paid depending on the severity. This program enables community members to submit reports of “bugs” or vulnerabilities for a chance to earn rewards and hence enhance the security of Dopex.

Please refer to the original blogpost here for the latest information around getting a bug bounty.

💸 Compensation

All submissions are evaluated by the Team on a case by case basis. Rewards are allocated based on the severity of the issue, and other variables, including, but not limited to a) the quality of the issue description, b) the instructions for reproducibility, and c) the quality of the fix (if included).

🏃🏻 Steps to get started:

  1. Read the full scope and T&C on our bug bounty GitHub: https://github.com/dopex-io/bug-bounty
  2. Any vulnerability or bug discovered must be reported to the Team via [email protected].
  3. The disclosure must be made within 24 hours following the discovery of the vulnerability and, as noted above, not have been exploited in any way prior to disclosure or publicized or disclosed to any third party (other than the Team) prior to not only submission of the report, but also fixing of the bug / vulnerability.

🔭  Relevant docs