The ETERBASE Bug Bounty program is open to the public. Any security researcher can take part and report potential security vulnerabilities in the ETERBASE products.
Bug Bounty Reports should be related only to our key services:
- ETERBASE Web Site: https://eterbase.com
- ETERBASE Exchange: https://eterbase.exchange
- ETERBASE API: https://api.eterbase.exchange
Key requirements for Bug Bounty Reports are:
- Your contact information (name and email)
- Bug description
- Steps to reproduce
- URL related to your finding
- Any attachments (document or image)
ETERBASE Security Team is responsible for the evaluation of each reported bug record and can take up to 14 days to contact the Bug Reporter regarding more details or provide feedback about related rewards.
Please be aware that we will reward the same issue only once. The reward is valid only for the 1st Bug Reporter that will report a specific issue/bug. Our Security team will evaluate each report (bug), compare that with our existing backlog, and inform Bug Reported about the final result.
Reward amounts for Security Vulnerabilities
|Category / Severity||Critical||High||Medium||Low|
|Remote code execution||120 000||100 000||80 000||n/a|
|Unrestricted file system or database access||100 000||80 000||60 000||n/a|
|Logic flaw bugs leaking or bypassing significant security controls||80 000||60 000||45 000||25 000|
|Execute code on the client-side||60 000||45 000||25 000||15 000|
|Other valid security vulnerabilities||30 000||25 000||15 000||10 000|
All values listed above in the table are in XBASE Coin.
Submit your finding via our contact form.