Dear Coinstore Users,
We are excited to announce the launch of our Bug Bounty Program! At Coinstore, we place great importance on the security and reliability of our platform. To maintain our high standards and continuously improve our services, we invite security researchers, ethical hackers, and technical enthusiasts to participate in our Bug Bounty Program.
TL;DR
- Submit link: https://docs.google.com/forms/d/e/1FAIpQLSckwtnYMzwRVNmoUgphOWtY8GXXj0eq184B8YWAen_OJEr21A/viewform
-
Rewards: From future bonus to $2000, depending on Bug Severity. Join us and submit now, you can get rewards.
Details
Program Overview:
The Coinstore Bug Bounty Program aims to identify and resolve vulnerabilities in our platform to ensure a safe trading environment for all users. Participants who successfully discover and report valid security issues will be rewarded based on the severity of the vulnerability.
Reward Structure:
- Critical: Up to $2,000
- Medium: Up to $500
- Minor Issue / Documentation Error: Futures Bonus
Duration:
The Bug Bounty Program will run from Aug 15, 2024, to Sep 15, 2024.
Submission:
All bug reports should be submitted through our Google Sheet submission form. This allows us to efficiently track and respond to each report.
Scope:
The Bug Bounty Program covers all Coinstore web and mobile applications, including but not limited to:
-
Account and authentication processes
-
Trading systems(including spot and futures trading)
-
Transfer systems
-
Web3 wallet services
-
API endpoints
Submission Guidelines:
To participate, please follow these steps:
-
Identify a valid security vulnerability within the scope.
-
Report the vulnerability through our Bug Bounty Submission Form. Please provide detailed information, including steps to reproduce the issue, the impact of the vulnerability, and any relevant screenshots or videos.
-
Our security team will review your submission and determine its validity and severity.
-
Upon verification, you will be notified and rewarded accordingly.
Terms and Conditions:
-
Only the first person to report a valid vulnerability is eligible for a reward.
-
Public disclosure of the vulnerability before resolution will disqualify the submission.
-
Coinstore employees and their families are not eligible to participate.
-
All decisions regarding the Bug Bounty Program are at the sole discretion of Coinstore.
We greatly appreciate your efforts in helping us enhance the security of our platform. Thank you for your participation and continued support.
Sincerely,
The Coinstore Team