Bug Bounties
The rissot.to bug bounty program is focused around our smart contracts, websites, and apps with a primary interest in the prevention of loss of user funds, either by direct draining of locked funds
Smart Contracts and Blockchain*
Level | |
Critical | up to USD $ (TBC) |
High | USD $ (TBC) |
Medium | USD $ (TBC) |
Low | USD $ (TBC) |
*All bug reports must include a Proof of Concept demonstrating how the vulnerability can be exploited to be eligible for a reward. This may be a smart contract itself or a transaction.
Website and Apps
Level | |
Critical* | USD $ (TBC) |
High | USD $ (TBC) |
Medium | USD $ (TBC) |
*XSS reports are restricted to those that have an impact of prompting a user to sign a transaction or a redirect.
*TBC = To Be Confirmed
All payouts are done by the rissot.to team and are pegged to the USD values set here and are payable in RSOT or USDT.
Last updated