O3 Docs
Search…
English
Welcome to O3 Docs
O3 Swap V2 (Interchange)
Tokenomics
O3 Vote
Code
O3 Swap User Guide
User Guide
Features Q&A
Resources
O3 Swap V1
Litepaper V1
User Guide
Activity
Ice Age Mining
Cross-chain Airdrop (HT)
Bug Bounty
O3 NFT And Its Mining Function
Contact Us
Contact Us
Hiring
Become a Community Partner
Terms of Service
Powered By GitBook
Bug Bounty
O3 Swap is a cross-chain aggregation platform, allowing users to exchange different assets safely and simply across chains within the decentralized wallets. We are committed to providing a one-stop aggregation & exchange platform for users and offering developers access to an open, distributed, friendly, and secure trading environment.
We welcome outstanding developers and enthusiasts in the blockchain community to share with us critical issues and the techniques used to exploit them. If you think you have found a security bug in our platform, we are happy to work with you to resolve the problem quickly and issue generous and fair rewards in return.

Eligibility

O3 Swap will only issue monetary rewards for reports demonstrating meaningful impact, meaning that the duplicates, invalid bugs, micro vulnerability, and product improvement recommendations will not be included in this bug bounty event. See the following eligibility rules:
  • First come first served, the first party who reports the issue will be considered first.
  • The reported issue has not been disclosed to the public before the O3 Labs team releases the security solution.
  • All reports need to be written in the specific format and send to our official email address: [email protected] (detailed below)

Report and Reward Guidelines

A complete email report should include the following:
  1. 1.
    Email Title:【O3 Swap Bug Bounty】_Bug title
  2. 2.
    Issue Description: A detailed description of the reported problem should include the sufficient information allowing the O3 Labs team to reasonably reproduce the problem.
  3. 3.
    Reproduce Steps: Any prerequisites and steps to reproduce the affected state.
  4. 4.
    Additional Information: How this issue affects the system security and what is your opinion/suggestion on the technical solution.
  5. 5.
    Send your Report: Send your report by email to [email protected]. Include relevant video demonstrations, analytic data, compiled and source codes, crash logs, and/or system diagnosis reports in the attachment if needed.
After we receive your email, we need some days to review and check. Only when the issue is proved by our technical team, we will reply to you for more information.

Risk Level

  1. 1.
    Critical: Issues that cause a privilege escalation from unprivileged to admin or allow for remote execution, source core data reveal, financial theft, etc.
  2. 2.
    High: Issues that affect the security of the platform including the processes it supports. Serious logic design defects, smart contract authority control defects.
  3. 3.
    Medium: Issues that affect multiple users and require little or no user interaction to trigger. Ordinary unauthorized operation. Leakage of local-stored sensitive information.
  4. 4.
    Low: Issues that affect singular users and require interaction or significant prerequisites to trigger. Other vulnerabilities that are less harmful and cannot be proved.

Disclaimer

O3 Labs reserves the right to modify terms, rewards amount, and risk conditions of this bounty event and your participation in the program constitutes acceptance of all terms. For the protection of users, O3 Labs doesn't disclose security issues until our investigation is complete and any necessary updates are generally available.
Previous
Cross-chain Airdrop (HT)
Next
O3 NFT And Its Mining Function
Last modified 9mo ago
Copy link
On this page
Eligibility
Report and Reward Guidelines
Risk Level
Disclaimer