SOLARR bug bounty program offers rewards up to USDT 3000 for reporting vulnerabilities in our NFT pawn and lend platform. The severity of the vulnerability is categorized as critical, high, medium, or low, and assigned a point value. The total points earned by all reports will determine the percentage of the bounty payout for each reporter. By participating in our program, you can help us ensure the security and stability of our platform while earning rewards for your efforts.
Report the vulnerability by clicking the FeedBack button here.
1. Bug Severity Levels:
- Critical : A vulnerability that allows an attacker to execute arbitrary code or access sensitive information.🐞🐞🐞🐞
- High: A vulnerability that allows an attacker to perform unauthorized actions or access sensitive information.🐞🐞🐞
- Medium: A vulnerability that allows an attacker to perform non-sensitive actions or cause minor disruption to the platform.🐞🐞
- Low: A vulnerability that has a minimal impact on the platform.🐞
2. Points Allocation:
- The bug bounty program is open to all individuals and teams.
- The vulnerability must be new and previously undisclosed.
- The vulnerability must be specific to the SOLARR Credit.
- The vulnerability must not be a result of user error or intentional abuse of the platform.
- The vulnerability must be reproducible.
- The vulnerability must be reported at the Bug Bounty Program Form on the Testnet (select the ‘Feedback’ button on the bottom right).
- The report must include a detailed description of the vulnerability, including steps to reproduce it.
- The report must include any supporting evidence, such as screenshots or videos.
- The report must include the severity level of the vulnerability as determined by the reporter.
- The report must be submitted within 7 days of discovery.
5. Review and Verification:
- The NFT pawn and lend platform team will review the report and verify the vulnerability.
- The team will assign a severity level and point value to the vulnerability, which may differ from the reporter’s assessment.
- The team will notify the reporter of the severity level, point value, and the bounty payout amount.
- The total points earned by all the reports will be summed up to determine the percentage of USDT3000 to be awarded to each reporter.
- The payout will be made in USDT.
- The payout will be made after the vulnerability is verified and the community test ends.
- The reporter may choose to donate their portion of the bounty to a designated charity.
- The reporter will receive an email notification with the severity level, point value, and bounty payout amount.
7. Legal Considerations:
- The NFT pawn and lend platform team reserves the right to modify or cancel the bug bounty program at any time.
- The NFT pawn and lend platform team reserves the right to not award a bounty if the vulnerability does not meet the eligibility or reporting criteria.
- The NFT pawn and lend platform team will not take legal action against reporters who act in good faith and follow the rules of the program.
- The NFT pawn and lend platform team will not disclose the reporter’s identity without their permission.
All rights reserved by SOLARR