Banner object (1)

Hack and Take the Cash !

800 bounties in database
  Back Link to program      
15/10/2018
everiToken | blockchain logo
Thanks
Gift
Hall of Fame
Reward

Reward

500 HKN 

In Scope

Scope Type Scope Name
undefined SDK - evtjs
undefined Blockchain - evt

everiToken | blockchain

everiToken is world's first token-customized public chain aiming to be the best infrastructure to tokenize everything and for token economy. After a successful mainnet launch on 2018/07/31, everiToken has achieved high TPS(5,000+), high security and high standardization

__Scope

In Scope

Target | Type | Severity | Reward
---|---|---|---

SDK - evtjs

| SDK | Critical | Bounty

Blockchain - evt

| Blockchain | Critical | Bounty

__Rewards

Severity (CVSSv3) | Reward
---|---
Critical | 5000$
High | 2500$
Medium | 1000$
Low | 500$

__Focus Area

Documentation


In-Scope Vulnerabilities


Common examples of security issues in scope of the program for EVT are listed below:

  • Single Node DoS - any node crash via API, requests etc.
  • EVT DoS - blockchain crash via breaking consensus, API and other requests etc.
  • API access control violations - gaining access to privileged functions
  • Attacks on cryptography
  • Transaction / messages malleability
  • Lack of validation for transactions, blocks etc.
  • Standards violations
  • For issues that are not listed above, EVT appreciates reports that demonstrate vulnerabilities for the blockchain. Those reports are rewarded in accordance to the severity of the vulnerability.

__Program Rules

  • Avoid compromising any personal data, interruption or degradation of any service .
  • Don’t access or modify other user data, localize all tests to your accounts.
  • Don’t exploit any DoS/DDoS vulnerabilities, social engineering attacks or spam.
  • In case you find chain vulnerabilities we pay only for vulnerability with the highest severity.
  • Only the first valid bug is eligible for reward.
  • Don’t disclose publicly any vulnerability until you are granted permission to do so.
  • Don’t break any law and stay in the defined scope.
  • Comply with the rules of the program.
  • The rewards will be paid out in HKN based on the current price.
  • Any details of found vulnerabilities must not be communicated to anyone who is not a HackenProof Team or an authorized employee of this Company without appropriate permission.

FireBounty © 2015-2019

Legal notices