Bug Bounty

The safety of our clients, the reliable storage of personal information and assets is our priority, which we pay great attention to. We regularly increase the level of platform security. To detect possible vulnerabilities, we launch a Bounty Bug, which will allow us to identify possible errors, and you will receive a reward for finding them. We are confident in the safety of our platform, however, we strive for excellence and will be happy to pay a reward and fix the discovered vulnerability.

What bugs are we ready to pay for?

  • Cross-site request forgery (CSRF)
  • Crossite scripting (XSS)
  • Code injection
  • Remote code execution
  • Privilege escalation
  • Authentication Bypass
  • ClickJacking
  • Confidential Data Leak
What will we not pay for?
  • Distributed Denial of Service (DDOS), etc.
  • Hacking other accounts on our platform
  • Password matching and port scanning

Participants of the Bounty Bug who find a vulnerability in the system of the 3ARBS platform and will not use this bug to illegally obtain profit are not cybercriminals but will receive a generous reward for their help.

Rewards

Regarding the size of the reward: there is no specific amount - it depends on the severity of the vulnerability you found. You can get an increased amount of reward if the participants of the Bounty Bug if you not only find a bug in the system but also report on how much damage this vulnerability could cause.

How to report a bug

  • Send bug report to [email protected]
  • Try to cover as much information as possible in your report, including the error description, its potential impact, and steps for reproducing it or confirming the concept.
  • Enter your BTC address for payment.
  • Please wait 3 work days before resending your email.
We thank all the participants of the Bug Bounty for assistance in developing and improving the 3ARBS platform!