Bug Bounty
The CronaSwap bug bounty program is focused on our smart contracts, websites, and apps with a primary interest in the prevention of loss of user funds, either by direct draining of locked funds or social engineering attacks by redirecting users or forcing them to sign a transaction.
Smart Contracts and Blockchain
Critical
USD $
High
USD $
Medium
USD $
Low
USD $
Website and Apps
Critical*
USD $
High
USD $
Medium
USD $
*XSS reports are restricted to those that have an impact of prompting a user to sign a transaction or a redirect.
Important details to note
All smart contract/web/app bug reports must include a PoC (Proof of Concept) demonstrating how the vulnerability can be exploited to be eligible for a reward.
Payouts are handled by the CronaSwap team directly and are denominated in USD. However, payouts are done in either CRONA or USDC.
Last updated