errors I found in a well know crypto tax app

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: Unsaint32 on October 01, 2021, 05:30:56 PM

Here is my question. Considering the critical nature of the errors I discovered, I feel I deserve some form of a reward. Reasonably speaking, what kind of reward do you think I could ask for?

I doubt error/bug you found could be categorized as critical. Most of critical vulnerability i know is about enabling hacker take control over your computer or steal your data (if it's encrypted). Even so, if it's subscription-based app/service, i would ask for few months of free subscription.

nullama

hero member

Activity: 1008

Merit: 960

Quote from: Unsaint32 on October 01, 2021, 05:30:56 PM

Here is my question. Considering the critical nature of the errors I discovered, I feel I deserve some form of a reward. Reasonably speaking, what kind of reward do you think I could ask for?

Best case scenario, the devs fix the bug you reported quickly. That's probably going to be the only reward you'll get.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: Unsaint32 on October 01, 2021, 05:30:56 PM

Considering the critical nature of the errors I discovered, I feel I deserve some form of a reward. Reasonably speaking, what kind of reward do you think I could ask for?

You didn't report a security vulnerability in the app, so you are not entitled to a reward.

Bug reports like the one you just reported are almost never covered in bug bounty programs. [then again, this would be a different story if you did this as part of AWS Bugbust program of something similar.]

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

You're probably thinking about stuff like bug bounty programs. The reality though is that even if you had found a security critical bug AND the company had a bug bounty program in place, they may just not pay. Most companies are very stingy and don't like to pay even for good bugs. They're also not forced to pay either, right. Few bug hounters actually live on it since the rewards aren't as high as most people seem to think and because of the uncertainty of getting paid or not.

Now in your case, you found a miscalculation bug of the taxes or something like that, but nothing security critical. So there's no security hole, no exploit, no bug bounty program (I suppose? Not many app companies have them), I don't think a bounty is in sight, sorry Cheesy

BitMaxz

legendary

Activity: 3374

Merit: 3095

Playbet.io - Crypto Casino and Sportsbook

What crypto tax app do you talking about?

For a reward, it depends on what app you talking about there are apps out there that devs don't care about the error.

Try to check their official website or app itself if there is a help button or use Google to search this app including bug reports if you can find that they will reward people who found errors and bugs that could affect their business then report it right away and provide your evidence.

Unsaint32

newbie

Activity: 29

Merit: 7

I used an online crypto tax app this year. It is one of the well known apps.
   However, I found two errors in the app. As far as I know these errors only apply to the coin transactions I made at the Kraken exchange. 1-The app was processing my buy transactions as receive transactions. 2-The app was not including crypto selling fees in the cost basis. Both of these would negatively affect my tax situation.
   I let the company know about these issues. The company representative contacted their dev team. She said they will run affected user analysis and notify the users.
   Here is my question. Considering the critical nature of the errors I discovered, I feel I deserve some form of a reward. Reasonably speaking, what kind of reward do you think I could ask for?

Topic: errors I found in a well know crypto tax app (Read 85 times)