The BugBounty program is operated to prevent security threats and to provide secure services for users by rewarding security professionals around the world with appropriate benefits for their effort of diagnosing BTourChain service vulnerabilities.
Target vulnerabilities arising from websites or apps provided by the BTourchain.
Please report any security vulnerabilities through firstname.lastname@example.org. Please include the following in the report.
- Vulnerability name
- Vulnerability discovery method
- Code to replicate the bug
- Occurred service and domain
- Description of what security threat the vulnerability poses
Depending on the level of the report, the MSOT token will be paid to the informant through an internal review.
Limitations and Disclosure Policies
The restrictions and disclosure policies are as follows:
- Please refrain from disclosing the vulnerability externally until the security vulnerability issue is resolved. Compensation payments may be cancelled upon disclosure.
- Please refrain from doing anything that could harm other users based on vulnerabilities.
- Presenting disclosed vulnerabilities or possibilities without proofs will be excluding from rewards.
- Presenting internally aware vulnerabilities will be excluding from rewards.