Support Our Efforts
If you discover a vulnerability, we encourage you to let us know responsibly. By participating in our bug bounty program, you can help make our digital spaces more safe and secure for all.
Earn Rewards for Your Contributions
When you find and report a security vulnerability, we will reward you based on its criticality and impact. Compensation may range anywhere from $5000 to $100,000 depending on what is found and how it matches up against our guidelines.
Users reporting a bug will receive their reward in either USD, ARMSP, or ARMUP tokens, equivalent to the reward amount. Please note that only one of these options can be selected for each reward.
The Scope of ARMswap's Bug Bounty Program
Our Bug Bounty Program is all about making ARMswap stronger, safer and better for everyone. Here’s what’s in scope:
- All active platform components.
- Developer guides.
- Listed assets and smart contracts.
- Any third-party application built on ARMswap.
Focus:
Issues impacting ARMswap's functionality or transaction capabilities.
We welcome reports on any vulnerabilities that could affect our core operations. Your insights help us maintain a secure and efficient cross-chain ecosystem.
How to Report Issues
Found a bug? Send the details of the bug via our User Contribution Form. Please provide a clear explanation and steps to reproduce the issue, either in writing or with a video.
Rules to Win a Reward
To qualify for a bounty, you must:
- Discover a new, unreported issue within ARMswap’s BBP scope.
- Provide enough information for our tech team to quickly understand and fix it.
- Report the issue individually or with your company’s permission.
- Not be a current or past ARMswap employee or work with someone currently collaborating with us.
- Ensure your report complies with local laws.
Good Practices
We value ethical security research, so please:
- Follow our rules and any agreements you have with us
- Report issues as soon as possible.
- Avoid accessing or tampering with others’ data, disrupting our system, or causing harm.
- Keep discovered issues confidential until they’re fixed.
- Test only on approved components and respect others' accounts and permissions.
- Refrain from illegal activities like blackmail or threats.
Working with Us
By joining our BBP, you can expect:
- Fair rewards based on the impact of your discovery.
- No legal trouble from us if you follow the BBP guidelines and act in good faith.
- Prompt communication to understand and validate your findings.
- Swift resolution of identified issues.
- Recognition for your contributions if your report leads to improvements.
ARMswap reserves the right to make the final decision on rewards and to update program rules or reject reports if necessary.
Let’s Make ARMswap Secure Together
Join the hunt for bugs and help us make ARMswap even more secure. Discover vulnerabilities, report them, and we’re excited to reward your efforts.