Banner object (1)

Hack and Take the Cash !

676 bounties in database
20/10/2018

600 HKN 

TTC | SDK Managed by HackenProof

The SDK allows developers and communities to easily integrate TTC Protocol into their services which will grant access to the TTC Ecosystem. The release of TTC SDK lays the foundation for DAPPs in TTC Ecosystem and TReE (TTC Reward Engine.) Currently, TTC SDK is implemented into tataUFO and ALIVE, the first two DAPPs in the TTC Ecosystem.

__Scope

In Scope

Target | Type | Severity | Reward
---|---|---|---

TTC SDK Android

| Android | Critical | Bounty

TTC SDK iOS

| iOS | Critical | Bounty

__Rewards

Severity (CVSSv3) | Reward
---|---
Low | 779 HKN
Medium | 1948 HKN
High | 3896 HKN
Critical | 6493 HKN

__Focus Area

Documentation


  1. TTC SDK Docs - https://docs.ttc.eco/
  2. Getting Started with the TTC SDK for Android - https://docs.ttc.eco/Android/
  3. Getting Started with the TTC SDK for iOS - https://docs.ttc.eco/ios/

In-Scope Vulnerabilities


TTC accepts all reports that demonstrate vulnerabilities and has real-life impact. Those reports are rewarded in accordance to the severity of the vulnerability. Some examples of security issues in scope of the program for TTC are listed below:

  1. Business Logic
  2. Privilege escalation
  3. Cryptography issues
  4. Account management flows
  5. Transactions forging
  6. Database vulnerability
  7. Privilege escalation
  8. Authentication bypass
  9. Sensitive data exposure

__Program Rules

  1. Avoid compromising any personal data, interruption or degradation of any service .
  2. Don’t access or modify other user data, localize all tests to your accounts.
  3. Don’t exploit any DoS/DDoS vulnerabilities, social engineering attacks or spam.
  4. In case you find chain vulnerabilities we pay only for vulnerability with the highest severity.
  5. Only the first valid bug is eligible for reward.
  6. Don’t disclose publicly any vulnerability until you are granted permission to do so.

  7. Don’t break any law and stay in the defined scope.

  8. Any details of found vulnerabilities must not be communicated to anyone who is not a HackenProof Team or an authorized employee of this Company without appropriate permission.
  9. Comply with the rules of the program.
  10. The rewards will be paid out in HKN based on the current price.
Thanks
Gift
Hall of Fame
Reward


List your Bug Bounty for free immediately!

Contact us if you want more information.

FireBounty (c) 2015-2018