BUG BOUNTY PROGRAM

Decubate Bug Bounty

The security of Decubate community members is our number one priority. Get rewarded for identifying areas of improvement or issues with our smart contracts.

Bug bounty details

Decubate’s Bug Bounty program rewards community members for discovering and reporting bugs. The scope of the bounty will be limited to DecubateCrowdfunding.sol, DecubateVesting.sol, DCBToken.sol and the contracts they inherit from.

In the same manner as the Ethereum Bug Bounty Program, submissions will be evaluated by the Decubate team according to the OWASP Risk Assesment Framework, which grades based on both Impact and Likelihood.

Severity levels

Bug severity level and reward qualification are determined at sole discretion of the Decubate Team.

Note

Max. 500 BUSD

Min. 100 BUSD

Low

Max. 2,000 BUSD

Min. 500 BUSD

Medium

Max. 5,000 BUSD

Min. 2,000 BUSD

High

Max. 10,000 BUSD

Min. 5,000 BUSD

Critical

Max. 20,000 BUSD

Min. 10,000 BUSD

Crowdfunding contract

Our crowdfunding contract facilitates transactions of BEP20 tokens between startups and investors. The crowdfunding contract utilizes the ERC20 standard to transfer token balances between counterparties. After approving the contract to transfer their balance, an investor submits a signed order by calling a function “fill”. This function then calls “transfer” on each respective token to complete the investment.

/img/CrowdfundingContract.png
Crowdfunding

CONTRACT

Token contract

The token contract is based on ERC20, but includes some special features. First, the contract owner may lock the transfer tokens to a set of addresses. This function is initially built to decrease the impact of sniping bots, and it gives us the ability to pause transfers in case of a major security vulnerability.

/img/TokenContract.png
Token

CONTRACT

Rules
  • Bounties go to the first to report.
  • Don’t steal or attempt to steal others' funds.
  • Don’t publicly disclose a bug before it has been fixed.
  • Paid auditors of this code are not eligible for rewards.
  • Issues that are mentioned in the security audits are not eligible.
  • Non-security critical issues (style issues, gas optimizations) are not eligible.
  • Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of the Decubate team.
Please take a close look at our contracts on GitHub and submit any issues for review to team@decubate.com

© COPYRIGHT 2021 Decubate B.V. | All rights reserved