Bug Bounty

Security is our top priority. The Exchange cryptocurrency exchange cares about the security of each user. Therefore, we encourage finding vulnerabilities on the exchange and pay rewards for their discovery.

To be eligible to receive a reward for finding a vulnerability, you need to:

Inform us about the vulnerability

Do not disclose information about it and give us sufficient time to fix the vulnerability

Make the necessary efforts

To avoid damage to the exchange and its users.

Do not mislead

Users and/or exchange employees during the search and elimination of the vulnerability.

Reward

We do not limit the maximum amount of rewards and can increase the reward depending on the severity of the vulnerability. You are more likely to receive an increased reward if you show how the vulnerability can be used to cause maximum harm.

Here is a list of approximate rewards for finding vulnerabilities:

Remote code execution

$5000

Manipulation of user balances

$3000

XSS/CSRF/Clickjacking affecting actions with user balances/trading/exchange/deposit

$2000

Theft of information related to passwords/API keys/personal information

$2000

Partial authentication bypass

$1500

Other vulnerabilities that can lead to financial losses or data leakage

$500

Other CSRF (except CSRF logout)

$500

Rewards will NOT be granted for DDoS, Self-XSS, Spam, Social engineering attacks.

Have you found a vulnerability?

To report it, send us an email; we will contact you as soon as possible and resolve the issue.

Contact Support Send vulnerability to Security