Defibox
English
English
  • Defibox Whitepaper V4.2
    • Review of Major Events in Defibox
    • 2022 Defibox Annual Report
    • Defibox 2022 Roadmap for Q2
  • RAM/bRAM operation tutorial
  • Create a Free EOS Account by EOS Helper
  • Security
    • Development Documentation
    • Security Audit
    • Multi-signature Contract
    • Code Open Source
    • Bug-bounty Program
    • Announcement On Defibox Account
  • Q&A
    • Defibox Tutorial
      • EOS Profit Tutorial
      • USDT Profit Tutorial
        • How to do a lossless arbitrage with USDT?
        • USDT Yield Guide: How to Earn Stable Earnings in a Bear Market?
      • USN Profit Tutorial
      • Balance Tutorial
        • How to make market EOS+sEOS and receive rewards
      • Vault Tutorial(Take EOS as an example)
    • Swap Questions
      • Swap Related Questions
      • Liquidity provider questions
        • About DEFIBOX SWAP independently on the burning token description
      • LP Tokens Questions 1
      • LP Tokens Questions 2
    • USN Stablecoin Questions
      • About USN Agreement Revenue
      • USN Currency Parameter Table
      • The Automatic Adjustment Mechanism of USN Annualized Rate
    • Lending Questions
      • Lend currency parameter table
    • Vault Questions
      • Vault User Document(Take EOS as an example)
      • Vault Q&A
    • BOX Mining Questions
    • BOX DAO Questions
    • Defibox Mining Rules
    • Balance Mining Rules
      • Balance Trading Algorithm
    • Link to Clear Cache
    • Desktop wallet download address
    • How to create an EOS wallet (source TokenPocket)
  • About WAX
    • WAX FAQ
      • Create WAX Cloud Wallet (WCW)
      • How to stake resources ?
      • Defibox Market Making and Mining Tutorial
      • Swap protocol mining rules
    • Defibox Points Treasure Hunt Event
    • WAX ecological information
      • Alien World
      • WUFFI
    • WAX monthly news
  • Defibox DAO
    • DefiboxDAO Charter V5.0
    • Board Members
    • Report of the 3rd DefiboxDAO Board
    • About Luckybox
    • bp.defi Node Matters
      • Defibox BP Proposal
        • Proposal to change eosio.saving funds transfer process
        • Explanation on the multi-signature setting of the EVM smart contract account by the EOS Foundation a
      • Multi-Sig Proposal
        • Announcement on the Defibox BP executions of multisig for EVM boot
        • Announcement on Defibox BP passing the proposal: MSIG to enable IBC for WAX<>EOS
        • Announcement on Defibox BP passing the proposal: MSIG to approve CEX whitelist (EOS EVM)
        • Announcement on bp.defi's approval of EVM version update multi-signature
    • Board Resolution
      • Board Resolution on the Use of Risk Reserves as Vault Protocol Security Audit Advance Payment
      • Regarding the transfer of 2,000 BOX in the apply.defi account for the Board resolution of the BSS In
      • Explanation on the incident of bad debts concerning DEX token in the liquidation process of the Defi
      • Defibox DAO Board Announcement on “3.29” BOX Price Fluctuation Event
      • Board resolutions on raising the satellite protocol Balance handling fee to 0.1%
  • Defibox Events
    • Defibox and Noah joint event airdrops 80,000 USD
    • Defibox 3rd Anniversary Event "Defibox 3rd Anniversary, Share 15,000 BOX"
      • Winners of "Defibox 3rd Anniversary, Share 15,000 BOX" Event
    • Defibox Launches "Recruiting Concise Version Experience Officers, Sharing 800 BOX Rewards" Campaign
      • Winners of Defibox Recruiting Concise Version Experience Officers, Sharing 800 BOX Rewards" Event
    • Defibox's 2nd anniversary event "Do tasks to earn points and win 10,000U rewards"
    • Defibox Global Essay Contest of “Play” DeFi, “Build” Block
      • Defibox "Play DeFi, Build Block" Global Essay Contest Winners List
    • Defibox and OKEx Open the BOX Trading Contest to Divide 15,000 USDT
    • "Defibox, Improve the Efficiency of Global Value Circulation” Article Contest
      • "Defibox, Improve the Efficiency of Global Value Circulation" Article Contest Starts Voting
      • The Winner List of Article Contest "Defibox, Improve the Efficiency of Global Value Circulation"
Powered by GitBook
On this page
  1. Security

Bug-bounty Program

Scope

This Program is limited to the vulnerabilities affecting Defibox in the following contracts:

1. Defibox Core 2. Periphery Contracts

The following are not within the scope of the Program:

1.The contracts in the test folder.

2.Bugs in any third party contract or platform that interacts with Defibox.

3.Vulnerabilities already reported or discovered in contracts.

Vulnerabilities contingent upon the occurrence of any of the following activities also are outside the scope of this Program:

1.Front end bugs;

2.DDOS attack;

3.Automated tools;

4.Compromising or misusing third party systems or services.

Program Rewards

Severity of bugs will be assessed under the CVSS Risk Rating scale, as follows:

Critical : Up to $30,000

High : Up to $10,000

Medium: Up to $2,000

Low: Up to $1,000

Disclosure

Any vulnerability or bug discovered must be reported only to the following email: bounty@defibox.io, must not be disclosed publicly; must not be disclosed to any other person or entity prior to disclosure to the bounty@defibox.io email; and must not be disclosed in any way other than to the bounty@defibox.io email. In addition, disclosure to bounty@defibox.io must be made promptly following discovery of the vulnerability. Please include as much information about the vulnerability as possible, including:The conditions on which reproducing the bug is contingent,the steps needed to reproduce the bug or, preferably, a proof of concept,the potential implications of the vulnerability being abused.

Eligibility

To be eligible for a reward under this Program, you must:

Discover a previously unreported, non-public vulnerability that would result in a failure on Defibox (but not on any third party platform interacting with Defibox) and that is within the scope of this Program.

Be the first to disclose the unique vulnerability to bounty@defibox.io, in compliance with the disclosure requirements above.

Provide sufficient information to enable our engineers to reproduce and fix the vulnerability.

Not engage in any unlawful conduct when disclosing the bug to bounty@defibox.io, including through threats, demands or any other coercive tactics.

Not exploit the vulnerability in any way, including through making it public or by obtaining a profit (other than a reward under this Program).

Comply with all the eligibility requirements of the Program.

PreviousCode Open SourceNextAnnouncement On Defibox Account

Last updated 6 months ago