Page cover

BUG BOUNTY PROGRAM

Overview

At CipherX, the security of our platform and user data is our highest priority. To continually strengthen our defenses, we’ve established the CipherX Bug Bounty Program, offering rewards of up to $10,000 for individuals or teams who identify and responsibly report significant vulnerabilities within our systems.

Managed directly by the CipherX security team, payouts are made in the stablecoin of the reporter’s choice, ensuring both flexibility and convenience for participants.

Criteria for Eligibility

Essential Requirements

To qualify for a bug bounty, reported vulnerabilities must meet the following criteria:

  • Novelty: The issue must be previously unknown to the CipherX team and not already reported by another participant.

  • Significance: It must pose a substantial risk to the integrity, availability, or confidentiality of the CipherX platform or user data.

  • Exploitability: The vulnerability should enable unauthorized access, control, or manipulation of CipherX systems, accounts, or funds.

  • Specificity: The issue must be unique to CipherX and not a general flaw affecting external or third-party systems.

  • Responsible Reporting: All reports must follow ethical disclosure practices, granting CipherX sufficient time to resolve the issue before any public release.

  • Detailed Reporting: Reports must include clear, reproducible steps, relevant logs or scripts, and any other supporting details that assist in validation.

How to Participate

Steps for Engagement

  1. Assessment: Conduct a thorough analysis of the CipherX platform to identify potential vulnerabilities.

  2. Reporting: Send a detailed report of your findings to ops@cipherx.com.

  3. Confirmation: Wait for our acknowledgment confirming receipt and the start of the internal review process.

  4. Collaboration: Work with our team to reproduce and verify the reported issue.

  5. Resolution & Reward: Once the vulnerability is confirmed and resolved, receive your bug bounty payout.

Evaluation Process

Stages of Review

  1. Initial Submission: Submit your vulnerability report to ops@cipherx.com.

  2. Internal Review: The CipherX team evaluates the report for validity, scope, and impact.

  3. Collaborative Meeting: A short discussion may be scheduled with the reporter to clarify findings.

  4. Criteria Verification: The team confirms that the issue meets all eligibility requirements for the program.

  5. Recognition & Reward: Valid reports are rewarded accordingly, and contributors are optionally publicly acknowledged for their valuable security research.

PreviousBuybacks and Staking FlowNextAPI DOCUMENTATION

Last updated