Vulnerability Disclosure Procedure At Bearland, we take every measure necessary to ensure the security of the platform. If you are a security researcher and took a look at some of our code, contracts, or websites and found a vulnerability, you're eligible for a bounty for doing a responsible disclosure of that bug.
- Code in Scope The code from the following repositories is in scope of this program:
marketplace builder kernel ui decentraland-dapps builder-server documentation catalyst land marketplace-contracts bid-contract As well as the following web properties:
*.bears.finance 2. Report the vulnerability Please send us this detailed description to [email protected]. Include an ethereum address that you control in order for the bounty to be awarded.
Such report should include:
Conditions for the bug to be triggered Background and information about how the bug was found Instructions to find the critical lines affected Unit tests or instructions to trigger the bug 3. Compensation Our team will assess each submission individually and assign a level of severity according to its likelihood and impact Compensation will depend on the severity of the issue found.
Low: Up to $1,500 USD
Medium: Up to $3,200 USD
High: Up to $6,500 USD
Critical: Up to $19,000 USD
Note that assesment and award of the bounty might take up to 60 days to process and validate, and that the payment will be conducted in a stablecoin over the Ethereum network.