Bug Bounty

We are calling on our community to help us identify any bugs or vulnerabilities in our protocol in order to make it as secure as possible. Submit a bug report and earn up to USD$100,000 worth of GFI tokens.

Rewards

Scope & References

Repositories: https://github.com/inthenextversion/audit-gravity-core-ctdsec https://github.com/inthenextversion/audit-gravity-core-obelisk

Rules

• Public disclosure of a vulnerability would make it ineligible for a reward.

• Duplicated issues are not eligible for reward. The first submission is the eligible one.

• If you want to add more information to a provided issue, create a new submission giving reference to the initial one.

• Rewards will be decided on a case by case basis and the bug bounty program, Terms and conditions are at the sole discretion of Gravity Team.

• Rewards will vary depending on the severity of the issue. Other variables considered for rewards include: the quality of the issue description, the instructions for reproducibility, and the quality of the fix (if included).

• Determinations of eligibility, score and all terms related to a reward are at the sole and final discretion of Gravity.

• Submissions need to be related with the Bounty Scope. Submissions out of the Bounty Scope will not be eligible for a reward.

• Any interference with the protocol, client or platform services, on purpose or not, during the process will make the submission process invalid.

• Terms and conditions of the bug bounty process may vary over time.

Submissions

Submit all bug reports via our online form here

Terms

Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.