Weekend Bug Bounty - 5 BTC for Major Bugs! 10 BTC for Fatal Flaws!We’ve had several participants and a few false alarms, but so far no one has found a bug in our Smart Contract System yet. We’re challenging anyone out there, over the weekend, to find flaws in our system.
Anonymous submissions welcome! Open for submissions NOW! Deadline for submissions is Tuesday, 12:01 am, September 6th.
ContactEmail your submissions to:
[email protected]Don't forget to include your BTC or ETH address so you can be rewarded. (If more than 1 address is specified, only one will be used at the discretion of the bounty program administrators.)
Major bugs will be rewarded 5 BTC or ETH equivalent. Much higher rewards are possible (up to 10 BTC or ETH equivalent) in case of very severe vulnerabilities.
For questions use the forum
https://forum.singulardtv.com/t/singulardtv-bug-bounty/47 or email
[email protected].
DETAILSThe SingularDTV Token Launch spec is at:
https://singulardtv.com/resources/default/pdf/SingularDTV-TokenLaunchSpecs.pdfMost of the rules on
https://bounty.ethereum.org apply. For example: First come, first serve. Issues that have already been submitted by another user or are already known, such as these, to the team are not eligible for bounty rewards.
Scope of SingularDTV Bounty Program
In scope:https://github.com/ConsenSys/singulardtv-contracts• SingularDTVCrowdfunding.sol
• SingularDTVFund.sol
• SingularDTVToken.sol
• StandardToken.sol
https://github.com/ConsenSys/singulardtv-contracts•
https://github.com/ConsenSys/eth-lightwallet/tree/2a61eab456bb2c0e97c41be209887c8ca9ad43bb/lib•
https://github.com/ConsenSys/hooked-web3-provider/blob/3ae3a4846cb56a9027696c97db6d6e19a9694c1c/app/hooked-web3-provider.es6•
https://gist.github.com/miladmostavi/508f1628e543d10b314d901b8fd9097dOut of scope:• MistWallet.sol
• Bugs related to Internet Explorer
• All browser rendering bugs that don't affect the display of critical information such as ETH, SNGLS
• Most user experience improvements on the frontend
Again, the spec is at:
https://singulardtv.com/resources/default/pdf/SingularDTV-TokenLaunchSpecs.pdf Examples of what’s in scope:• Being able to withdraw more ETH than contributed
• Being able to obtain more tokens (SNGLS) than expected
• Being able to obtain SNGLS from someone without their permission
• Demonstrating that the workshop can transfer their SNGLS before 2 years
• Being able to put SingularDTVCrowdfunding in emergency state by making the checkInvariants() throw
• Bugs in eth-lightwallet that lead to loss or theft of ETH
• Bugs causing a transaction to be sent that was different from what user confirmed: for example, user transfers 10 SNGLS in the UI, but exactly 10 wasn't transferred.
Examples of what’s out of scope:• Being able to softWithdraw another person's revenue
• Most user experience improvements on the frontend, for example some part of the website doesn't update unless the page is refreshed
Thank you!
[email protected]