octopus-network / oct-token-eth


OCT Token Timelock Contract Bug Bounty Program #1

Open riversyang opened 3 years ago

riversyang commented 3 years ago

This bug bounty program is hosted on Octopus Network / oct-token-eth. All bug reports must be submitted through this repository in order to be accepted. This post was created by Octopus Network.

Program Overview

Octopus Network is a sidechain network to host Web3.0 application specific blockchains, aka appchains, around NEAR protocol. By providing cost-effective leased security, out-of-box interoperability, complete infrastructure and ready to be engaged community, the Octopus Network will decrease the capital expenditure to bootstrap an appchain by 100X.

The OCT Token for Octopus Network is published on Ethereum. The timelock contract in this repository is to control the release of OCT token to angel investors, core team, NEAR foundation and Octopus foundation. It contains a linear unlocking rule for the beneficiaries. Refer to README for more details.

This program is focused around the timelock contract and the prevention of loss of investors and core team.

Rewards by Threat Level

Rewards are distributed according to the impact of the vulnerability evaluated by Octopus Network.

Severity Level | Payout
Critical | up to 12,000 USDC
High | 4,000 USDC
Medium | 2,000 USDC
Low | 1,000 USDC

Assets in Scope

Ethereum smart contract: https://github.com/octopus-network/oct-token-eth/tree/main/contracts

Prioritized Vulnerabilities

We are especially interested in receiving and rewarding vulnerabilities of the following types:

Out of Scope & Rules

The following vulnerabilities are excluded from the rewards for this bug bounty program:

Smart Contracts and Blockchain

In the case of two or more reports covering the same vulnerability, only the first complete bug report gets the reward.

gitcoinbot commented 3 years ago

Issue Status: 1. Open 2. Started 3. Submitted 4. Done


This issue now has a funding of 0.01 ETH (38.87 USD @ $3887.14/ETH) attached to it.

gitcoinbot commented 3 years ago


Work has been started.

These users each claimed they can complete the work by 1 week from now. Please review their action plans below:

1) icebert04 has started work.

Hello @riversyang,

I see that you need help with your OCT Token Timelock Contract bug bounty.

I can help you by conducting an in-depth security assessment, finding high to critical vulnerabilities, and giving recommendations.

I have already done 6 bounties on Gitcoin.co; 4 of them are smart contract audits. The recent task that I've done was a smart contract audit with DePayFi. I reviewed their code line-by-line and also did full test coverage using Hardhat and other security tools as an additional layer for verification. Link attached here... https://gitcoin.co/issue/DePayFi/depay-evm-launchpad/1/100026408

Feel free to check on my Github repo on projects that I made on the Blockchain. Link attached here... https://github.com/icebert04?tab=repositories

Message me anytime if you have more inquiries.

All the best, Francis


gitcoinbot commented 3 years ago


Work for 0.1 ETH (393.30 USD @ $3933.01/ETH) has been submitted by:

  1. @developerfred

@riversyang please take a look at the submitted work:


icebert04 commented 3 years ago

Hello @riversyang

I found some vulnerabilities on https://github.com/octopus-network/oct-token-eth/tree/main/contracts

Please allow me to finish and conclude my assessment. And also permit me to do more tests on the concerned smart contract.

I'll be submitting my work as soon as I have verified all threat levels of concern.

icebert04 commented 3 years ago

Hi @riversyang

I see that you already gave a bounty to a fellow blockchain developer.

My question is... Are you still open to accepting my vulnerability report?

If it is, then I'll send my complete smart contract audit to your team.

riversyang commented 3 years ago

Hi, the program is still open. Feel free to commit your PR. If it is valuable to improve these contracts in scope, we’ll pay you the bonus. Thank you.

Best Regards, Rivers

On September 8, 2021, at 09:17, Francis Isberto @.***> wrote:

Hi @riversyang I see that you already gave bounty to a fellow blockchain developer.

My question is... Are you still open to accepting my vulnerability report?

If it is, then I'll send my complete smart contract audit to your team.


icebert04 commented 3 years ago

@riversyang Alright, I'll proceed with my report then.

I'll notify you when I'm done.

icebert04 commented 3 years ago

Hi @riversyang

I just sent my OCT Token audit report through Gitcoin. https://github.com/octopus-network/oct-token-eth/pull/4

Attached in that report are my vulnerability findings, as well as my recommendations.

gitcoinbot commented 3 years ago


The funding of 0.1 ETH (327.81 USD @ $3323.47/ETH) attached to this issue has been approved & issued to @developerfred.