Bug Bounty

Enhancing Security for Hedge's Platform and Smart Contracts

At Hedge, we prioritize the security and integrity of our platform and smart contracts. As part of our commitment to ensuring a safe and reliable investment environment for our users, we are launching a Bug Bounty Program to incentivize security researchers and ethical hackers to identify and report potential vulnerabilities.

Program Details:

Scope:

The Bug Bounty Program covers all aspects of Hedge's platform, including but not limited to:

Smart contracts governing token issuance, transfers, and asset management.
Web and mobile applications.
Backend infrastructure.
APIs and third-party integrations.

Rewards:

The severity of vulnerabilities will determine the reward amount, which will be paid out in either $HDGE or $USDC stablecoin. The severity levels and corresponding reward ranges are as follows:

Critical: Vulnerabilities that pose a significant risk to the security or functionality of the platform, such as remote code execution or unauthorized access to funds. Reward: $5,000 - $10,000.
High: Vulnerabilities that have the potential to cause substantial disruption or loss of user data, such as privilege escalation or SQL injection. Reward: $2,000 - $5,000.
Medium: Vulnerabilities that may lead to moderate disruption or compromise of user accounts, such as cross-site scripting (XSS) or sensitive data exposure. Reward: $500 - $2,000.
Low: Minor vulnerabilities or issues that have minimal impact on security or functionality, such as informational leakage or UI inconsistencies. Reward: $100 - $500.

Rules and Guidelines:

To participate in the Bug Bounty Program, participants must adhere to the following rules and guidelines:

Only submit vulnerabilities that are previously unknown to Hedge's security team.
Provide detailed information about the vulnerability, including steps to reproduce, potential impact, and suggested mitigation measures.
Respect user privacy and refrain from accessing or tampering with user data.
Do not perform any actions that could disrupt the normal operation of Hedge's platform or smart contracts.
Any attempts to exploit vulnerabilities for personal gain will result in disqualification from the program and potential legal action.
Bug bounties can begin after the presale has concluded.

How to Submit:

To submit a vulnerability or report a security issue, please send an email to hello@hdge.fund with the subject line "Bug Bounty Submission." Include a detailed description of the vulnerability and any relevant supporting evidence, such as screenshots or proof-of-concept code.

Acknowledgment and Disclosure:

We are committed to promptly acknowledging and addressing all valid submissions. Once a vulnerability has been verified and remediated, we will publicly acknowledge the researcher's contribution, unless requested otherwise.

By participating in Hedge's Bug Bounty Program, you can help us strengthen the security of our platform and smart contracts, ensuring a safer and more reliable investment experience for all users. Together, we can build a more resilient and secure decentralized finance ecosystem. Thank you for your contributions to the security of Hedge.

PreviousTeam NextFAQ

Last updated 1 year ago

Rewards:

The severity of vulnerabilities will determine the reward amount, which will be paid out in either $HDGE or $USDC stablecoin. The severity levels and corresponding reward ranges are as follows:

Critical: Vulnerabilities that pose a significant risk to the security or functionality of the platform, such as remote code execution or unauthorized access to funds. Reward: $5,000 - $10,000.

High: Vulnerabilities that have the potential to cause substantial disruption or loss of user data, such as privilege escalation or SQL injection. Reward: $2,000 - $5,000.

Medium: Vulnerabilities that may lead to moderate disruption or compromise of user accounts, such as cross-site scripting (XSS) or sensitive data exposure. Reward: $500 - $2,000.

Low: Minor vulnerabilities or issues that have minimal impact on security or functionality, such as informational leakage or UI inconsistencies. Reward: $100 - $500.

Rules and Guidelines:

To participate in the Bug Bounty Program, participants must adhere to the following rules and guidelines:

Only submit vulnerabilities that are previously unknown to Hedge's security team.

Provide detailed information about the vulnerability, including steps to reproduce, potential impact, and suggested mitigation measures.

Respect user privacy and refrain from accessing or tampering with user data.

Do not perform any actions that could disrupt the normal operation of Hedge's platform or smart contracts.

Any attempts to exploit vulnerabilities for personal gain will result in disqualification from the program and potential legal action.

Bug bounties can begin after the presale has concluded.

How to Submit:

Acknowledgment and Disclosure: