Bug Bounty
The CronaSwap bug bounty program is focused on our smart contracts, websites, and apps with a primary interest in the prevention of loss of user funds, either by direct draining of locked funds or social engineering attacks by redirecting users or forcing them to sign a transaction.
Smart Contracts and Blockchain
Level | Payout |
|---|---|
Critical | USD $ |
High | USD $ |
Medium | USD $ |
Low | USD $ |
Website and Apps
Level | Payout |
|---|---|
Critical* | USD $ |
High | USD $ |
Medium | USD $ |
*XSS reports are restricted to those that have an impact of prompting a user to sign a transaction or a redirect.
Important details to note
All smart contract/web/app bug reports must include a PoC (Proof of Concept) demonstrating how the vulnerability can be exploited to be eligible for a reward.
Payouts are handled by the CronaSwap team directly and are denominated in USD. However, payouts are done in either CRONA or USDC.
Last modified 1yr ago