AssetMantle/node is subject to the AssetMantle V0.4.0 Bug Bounty. Please refer to README.md for any setup related queries. All the information required for this program is mentioned below with rewards of upto 1000$, Happy Hunting!
The scope of the program includes any bugs found while making RPC or REST calls. This includes all the transactions and queries exposed by each module in the project.
The following are not in the scope of the program:
- Any issues already raised in AssetMantle/node or AssetMantle/modules
- Any issues already documented in:-
- Transaction failures in Orders/revoke, modify, immediate or deputize
- Any GRPC gateway queries, the endpoints are exposed but not operational
- DDOS attacks
- Spamming
- Compromise or misuse of third party systems or services
RED: Concensus failure
ORANGE: Loss of funds
YELLOW: Minor logical issues
Rewards will be allocated in MNTL tokens based on the severity of the bug and will be evaluated and rewarded at the discretion of the AssetMantle team.
Reward distribution:
- RED: 1000$
- ORANGE: 500$
- YELLOW: 100$
Each bug should be reported by creating an issue including the following details:
- A detailed explanation of the problem at hand
- The steps taken to reproduce the scenario
- Potential implications/future drawbacks of this discovery
Minimum Requirement: Mantle Wallet to receive rewards
By submitting your report, you grant AssetMantle any and all rights, including intellectual property rights, needed to validate, mitigate, and disclose the vulnerability. All reward decisions, including eligibility for and amounts of the rewards and the manner in which such rewards will be paid, are made at our sole discretion.
The terms and conditions of this Program may be altered at any time.