Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
17 lines (12 sloc) 1.04 KB

Bug Bounty

We have an ongoing bug bounty program for security-related bugs that compromise key security.

The tiers are as follows:

  • Critical ($5,000) - Bugs that allow theft of user keys under normal operating conditions
    • Eg. Ability to access private key from the dapp JS context
  • High ($2,500) - Bugs that restrict user access to keys, cause loss of funds, system failure, or theft of user keys under restricted operating conditions.
    • Eg. Ability to reset a user's account to a new private key so they are unable to access their funds
  • Medium ($1,000) - Bugs that affect user access, cause service downtime, or affect usability of the system
    • Eg. Restricting logins for users so they are unable to access their wallet at certain times
  • Low ($200) - Bugs that do not directly compromise security but have the potential to affect users adversely
    • Eg. Spoofing emails, presenting wrong information on the wallet

In order to ensure that your bug report is valid and has not already been reported, please reach out to hello@tor.us directly.

You can’t perform that action at this time.