Author

Topic: [BUG BOUNTY] [ANN] | Gimmer | Automated Crypto-Trading DApp | (Read 528 times)

full member
Activity: 952
Merit: 166
Do give your reviews.
newbie
Activity: 16
Merit: 0
i very interested in this.
 Smiley
full member
Activity: 952
Merit: 166
Do join us and give constructive feedback
jr. member
Activity: 98
Merit: 7
full member
Activity: 952
Merit: 166
full member
Activity: 952
Merit: 166
full member
Activity: 952
Merit: 166
The Bounty Campaign will now be handled by Rok420
This thread is shifted to : https://bitcointalksearch.org/topic/bug-bounty-ann-gimmer-automated-crypto-trading-dapp-2760727

We are happy to announce the Gimmer Bug Bounty programme, which will continue till the end of the Token Sale.

Website
                  Telegram


As announced prior in our Bounty Thread, we have allocated 1% of the GMR Tokens sold for the Phase-2 of the Bounty. This will have upto a total of 1,000,000 GMR Tokens at Hard Cap sales.


The allocation will be :
Bug Bounty : 30% (Upto 300,000 GMR)
Referral Bounty : 30% (Upto 300,000GMR)
Bot Wars (Gimmer Contest) : 20% (Upto 200,000 GMR)
Discretionary Bounty : 20% (Upto 200,000 GMR)
The bounty judges will determine the size of the stakes reward (which can convert up to 10 ETH max. for an individual), based on their evaluation of both the likelihood and impact of the bug.

Low:  Upto 1000 stakes
Medium: Upto 3000 stakes,
Severe: Upto 7000 stakes,


 
Please send your bug reports to [email protected], with the subject “BUG BOUNTY” and do join us on our Bug Bounty Telegram Channel. As soon as your bug report is received, our bounty judges will evaluate the severity of the bug and will contact you.


Most of the rules on the Ethereum Foundation bug bounty program apply:


First come, first served.
Issues that have already been submitted by another user or are already known to Cappasity are not eligible for bounty rewards.
Public disclosure of a vulnerability makes it ineligible for a bounty.
Paid auditors of the code are not eligible for rewards.
Determinations of eligibility, score and all terms related to the award are at the sole and final discretion of Gimmer.

Scope


Find bugs in all contracts related to the Gimmer crowdsale. You may find them in our GitHub repository.
Test  and search for bugs there. It is important to do testing on computers that comply with the minimum configuration.
Test the platform. Provide us with the information on ways to disable or disrupt the security system and its database.
Find an attack on the website or via a user account. Please describe the way attackers deceive contributors.
If none of the above describes your request, you still have a chance to receive a reward by sending the found vulnerabilities to us.



Files that should be scavenged for bugs:


GimmerTokenSale.sol
https://github.com/GimmerBot/gmr-token/blob/master/contracts/GimmerTokenSale.sol
Manages PreSale and Crowd Sale transactions. Highest priority to bugscavenge, as the code is mostly new and directly related to our specific token sale rules.  

GimmerTokenSale.js
https://github.com/GimmerBot/gmr-token/blob/master/test/GimmerTokenSale.js
Automated tests for both the Token Sale and GMR Token contracts. Coverage tests using this file can achieve 94% coverage (100% seems impossible at the moment as there are lines in the contract that can never be executed because of date limitations).

GimmerToken.sol
https://github.com/GimmerBot/gmr-token/blob/master/contracts/GimmerToken.sol
Contract file for the GMR token. Basically a MintableToken with the addition that it can only be traded after minting is complete. Code for the GimmerToken is mostly Zeppelins with the addition of the trading block, so for this file in particular we were already covered by Zeppelins.


Latest PDF Documentation for the contracts:
https://github.com/GimmerBot/gmr-token/blob/master/documentation/GimmerTokenSaleContracts.pdf


Be WARNED that leaking any vulnerability of the platform on any social media platforms or channels will lead to cancellation of Bounty and might also invite legal action.



We would be happy to reward you Bug Bounty in the form of GMR tokens if you find out vulnerabilities which would affect the Gimmer ITO launch, in case those backdoors are left open.


HAPPY  BUG HUNTING !!!
Jump to: