Hello everyone!
Jax.Money is setting the stage to power an energy-standard monetary system that issues localized stablecoins.
Our global stablecoin payments system has 100% on-chain reserves backed by energy spent, and based on the Proof-of-Work consensus mechanism. This platform allows users to issue localized derivatives soft-pegged to an energy-underwritten stablecoin (Wrapped JAX).
Salient features of Jax.Money:
- Fully backed by Proof of On-Chain reserves of energy tokens
- Democratic, decentralized, auditable system
- Security Audit by Certik
We are running a global bounty program to test our Jax.Money platform and bring the revolutionary blockchain use case to the forefront for millions of users.
Scope
The scope of the bug bounty program will include any code, UI or general functionality bugs and is limited to the types of bugs listed below (in detail).
The purpose of the bounty is to invite the community to conduct the security and functionality testing of the Jax.Money platform on the testnet.
We are offering a reward prize for uncovering any flaws or bugs in security and supporting us in the development of a robust platform — Jax.Money.
When reporting vulnerabilities, please consider:
(1) attack scenario / exploitability, and
(2) security impact of the bug.
Categories/Environment for testing:
- Jax Wallet [Download] → Only Android: https://portal.testapp.io/apps/install/d34jlRDbeBJNj
- Github code [Link] → https://github.com/jaxwallet/jax-defi
- End-to-end Website testing [Link] → https://beta.jax.money/
Prerequisite for testnet:
1. Create a testnet
- Connect Metamask
- Custom RPC: Enter in the BSC testnet details as follows
- Network Name: BSC Testnet
- New RPC URL: https://data-seed-prebsc-1-s1.binance.org:8545
- ChainID: 97
- Symbol: BNB
- Block Explorer URL: https://explorer.binance.org/smart-testnet
- Then press “Save”
2. Import tokens
Faucet funds for the following tokens (WJAX, JAXUD, JAXRE, BUSD, WJXN, VRP)
You can receive tokens from the faucet here:
https://beta.jax.money/testfaucet.html
Make sure your wallet is connected and is running on the BSC test network.
Click on “Get Tokens” tab to add tokens to your wallet
After this, token addresses and faucet funds will automatically get added to your wallet.
Note: This may take a minute or two to get added to your wallet. Each user will receive 10,000 tokens of each of the tokens (WJXN, WJAX, JAXUD, JAXRE and BUSD).
If tokens are not added to your wallet, try creating a new wallet and repeating the above steps in a separate tab.
OR
Step 1: Import Tokens into your BEP-20-compatible wallet (eg: Metamask)
Step 2: Copy the Token address and add to your wallet:
WJXN: 0x3A171b7C5d671e3C4Bb5823b8FD265F4E4e9a399
WJAX: 0x783f4A2EfAB4f34D6a0D88b71cf1FAc6d9B46FF0
JAXUD: 0xB8BDD95b52Ea5B815aAA214aeDB8d01Aed787157
JAXRE: 0xEc7D5848F88246cA6984b8019d08B8524793b062
BUSD: 0xa51BcDc792285598Ba7443c71D557e0B7Df6f991
VRP: 0x7EcaA5D422b91578899c0dEAD2891c127865c996
The Bounty program has 3 levels for vulnerability resolution:
Participants can record the fields and the descriptions of the bugs (on the form provided). The team will internally categorize the bugs into the three categories mentioned above and rewards will be allocated accordingly. While participants can categorize the bugs according to what they feel is Low, Medium, Highly-Critical. But the ultimate categorization will be at the discretion of the tech team and what they feel should be in the above categories.
Example (Format) :
Name of bug - Low Level -
Deposit function - Low - link not working, redirects to an unknown page
Bounty related doubts: Everyone should raise your questions in this bounty Telegram group, NOT in the main chat.
Proof of Authentication
Forum Username: @xyzdec
Forum Account link: www.bitcointalk.forum/xyzdec
Telegram Username: @xyzdec
Participating Campaigns: (Wallet, Code, Website)
Details for End-to-end Website testing
To perform any kind of transaction please make sure that your wallet has some BNB Test tokens.
If you do not have them please receive them from here --> https://testnet.binance.org/faucet-smart
Copy & Paste wallet address > Click on drop down “Give me BNB”. You should receive 1 BNB Test tokens in your wallet. This is enough to test the platform.
Stake:
- BUSD (https://beta.jax.money/swap_busd.php)
(50% WJAX | 50% BUSD)
- WJXN (https://beta.jax.money/swap_wjxn.php)
(convert to VRP tokens)
- Vote for a governor
(https://beta.jax.money/dashboard.php)
- Deposit (function)
- Unstake (function))
- Pending Yield (function)
- Harvest (function)
Swap: (https://beta.jax.money/swap_wjax.php)
- WJAX <--> BUSD, WJAX <--> JAXRE
- JAXUD <--> JAXRE, JAXUD <--> WJAX, JAXUD <--> BUSD
- JAXRE <--> JAXUD, JAXRE <--> WJAX, JAXRE <--> BUSD
- BUSD <--> JAXRE, BUSD <--> JAXUD
Transactions:
- Sending and receiving transactions
- $WJAX
- $JAXUD
- $JAXRE
[For every transaction - transaction fees is collected:
Transaction fees split:
Transaction fee wallet* (capped value : eg 5 $WJAX)
- Cashback (10%)
- Referral (30%) - (70%, 10%, 10%, 10%)
- DAO Tax (0.1%)
- UBI Tax (0.1%)]
*Transaction fee wallet: (approx 60%-90%[without the referral fee added])
- Governor (10%)
- VRP (45%)
- LP yield (45%)
Fill out the participating form
For any other steps like connecting wallet or how to receive other tokens you can use the resources in the link below:
General: https://jax-network.gitbook.io/jax-money/
How to earn with Jax.Money: https://jax-network.gitbook.io/jax-money/how-to-earn-with-jax.money
Referral program: https://jax-network.gitbook.io/jax-money/referral-program
How to swap: https://jax-network.gitbook.io/jax-money/guides/how-to-swap
How to get VRP tokens: https://jax-network.gitbook.io/jax-money/guides/how-to-get-vrp-tokens
How to check yield: https://jax-network.gitbook.io/jax-money/guides/how-to-check-my-yield
Duration for the Bounty
The bounty program to find vulnerabilities has a duration of 4 weeks (or less).
Start date: February 15, 2022. End date: March 14th, 2022.
Please Note: We can end the bug bounty before the due date.
Please take into consideration the deadline to submit any reports.
If you discover any other areas which may be considered as an exploitable vulnerability or harm the integrity of the platform or crypto asset, please reach out to [email protected] and we will discuss on a case-by-case basis.
Bounty program rules:
[1] Find the Bug and if it is proven then $WJXN tokens will be rewarded.
[2] Give your valuable suggestions, if implemented then $WJXN tokens will be rewarded.
[3] Our team will be checking the bugs on a weekly basis. The form can be filled anytime from Tuesday through Monday. Qualified bugs will receive bounty rewards in the following week on Mondays after the bug is reported.
Bug submission Date : Rewards date
15th Feb - 21 Feb : Rewards on 28th Feb
22 Feb - 28th Feb : Rewards on 7th March
1st March - 7th March : Rewards on 14th March
8th March - 14th March : Rewards on 21st March
[4] Filling up the form is required to participate in bug bounty.
[5] Any suspicious activity or use of multiple accounts is strictly not allowed, if found the account of that user will be suspended without any prior notice.
[6] Jax.Network reserves the rights of any changes in payment of reward and terms & conditions of bounty campaign.
[7] Any kind of Spam, Insult or Abusive comments is strictly prohibited.
[8] Signing up on Jax.Network means the user agrees to the terms & conditions of all services of Jax.Network.
[9] Kindly discuss any matters regarding the bounty only here.
[10] When duplicates occur, we only award the first report that was received (provided that it can be fully reproduced).
[11] All software within the scope of this programme must be run in the testnet mode.
[12] Testnet funds can be retrieved from the faucet at https://beta.jax.money/testfaucet.html
[13] Social engineering (e.g. phishing etc) is prohibited.
[14] Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service.
[15] Please provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.
BUG BOUNTY ENDS ON 14th MARCH, 2022
Please Note: We can end the bug bounty before the due date.
Questions?
In case you have any questions about this program, please do not hesitate to ask the admins in our Telegram channel, who are always happy to help.
**We also propose to have a Bounty Leaderboard that participants can check from time to time to check the progress of our Bug Bounty program.
Follow us on Social Media:
Email : [email protected]
Linkedin : https://www.linkedin.com/company/jax-network/
Twitter : https://twitter.com/CommunityJax
Facebook : https://www.facebook.com/network.jax
Telegram : https://t.me/JAX_Bug_Bounty