Open yuchenlintt opened 2 years ago
Issue Status: 1. Open 2. Started 3. Submitted 4. Done
This issue now has a funding of 5000.0 USDC (5000.0 USD @ $1.0/USDC) attached to it.
Issue Status: 1. Open 2. Started 3. Submitted 4. Done
Work has been started.
These users each claimed they can complete the work by 264 years, 6 months from now. Please review their action plans below:
1) minhquanym has started work.
Working on source code of lending marketplace v2 smart contract 2) lokithe5th has started work.
I will review the code within the scope of the bounty for any vulnerabilities. 3) rubydusa has started work.
I will review the code within the scope of the bounty for any vulnerabilities 4) ferdiakhmadirawan44 has started work.
A worthy project for future stability of Cryptocurreny users According to Testing rules
Learn more on the Gitcoin Issue Details page.
Issue Status: 1. Open 2. Started 3. Submitted 4. Done
Work for 5000.0 USDC (5000.0 USD @ $1.0/USDC) has been submitted by:
@yuchenlintt please take a look at the submitted work:
About
TrueFi is an uncollateralized lending platform with over $1B+ loans originated.
This bug bounty covers new, pre-audit code with injected bugs.
During development, our eng team intentionally introduced vulnerabilities so we can benchmark our internal red team, external auditors, and this bug bounty. Thus we anticipate it will be easier to find bugs here than in a typical bug bounty. Think of this as like a CTF, with extra bonuses for original findings.
Rewards
Our rewards are based on the severity of a vulnerability. TrustToken uses CVSS 3.0 (Common Vulnerability Scoring Standard) and the total percentage of potential capital loss to calculate severity. Please note, however, that reward decisions are up to the discretion of TrustToken and reward amounts may be adjusted during the program.
Program Rules
Scope
Repository: https://github.com/trusttoken/contracts-helium
Commit hash: 0fe54efa2f1198b63bba12c65bb1a63d097b7d9c
The audit scope consists of the following contracts:
Base Portfolio:
Flexible Portfolio + Fixed Interest Only Loans:
Automated Line of Credit:
Governance:
Others:
Note that BulletLoans (and related contracts) are not used and can be treated as Mocks.
Injected Bugs
The following are precommitment hashes of descriptions of our possible injected bugs:
After conclusion of the bounty and internal/external audits, we plan to reveal and fix these possible injected bugs.