code-423n4 / org

Code4rena Governance and Discussion
70 stars 17 forks source link

Rules about overinflated for severity #123

Open JeffCX opened 1 year ago

JeffCX commented 1 year ago

https://docs.code4rena.com/awarding/incentive-model-and-awards#satisfactory-unsatisfactory-submissions

It is possible for a submission to be technically valid and still unsatisfactory. An “unsatisfactory” submission may meet any of these criteria:

clearly overinflated severity

emm I thought if the impact is medium, the warden submit the impact as high, it should be downgraded to medium instead of invalid

if the report is a valuable submission, the warden submit the impact as medium or high, it should be downgarded to QA instead of invalid

GalloDaSballo commented 1 year ago

I generally believe that off-by-one is acceptable with notable exception of findings that are already clearly labelled in the org (e.g. 2 step error as Med is an insta scrap)