View our bounties:
- Gitcoin: https://gitcoin.co/profile/PolymathNetwork
- Solidified: https://web.solidified.io/contract/5b883dddfd407500116a9d09
Bug Bounty Details
The bug bounty program will run on an ongoing basis. Rewards will be assessed based on the OWASP framework, and paid in ETH or POLY according to the developer’s preference. The Polymath Network smart contracts included in this bug bounty can be found at: https://github.com/PolymathNetwork/polymath-core/contracts The best way to communicate with our team is via our Github Repository Issues or via our Gitter Channel.
Please refer to the above links for additional information on how to submit & contribute to our bug bounty program
Responsible Disclosure Guidelines
We ask that you follow the following responsible disclosure guidelines:
Do not exploit a security vulnerability you discover for any reason.
Make a good faith effort to avoid privacy violations.
Give us a disclosure deadline on any vulnerability you report, consistent with complexity of the fix. Please give us a reasonable amount of time (minimum 2 weeks) to correct the issue before making the exploit public.
Give us 3 business days to respond to your report. We will provide our assessment of the severity of the vulnerability and our timeline for patching it based on our internal assessment of when we can have a fix in place.