Open in app

Sign in

Write

Sign in

JOYSO Token Sale Contracts Bug Bounty Announced

Hsieh Yung-chen
JOYSO
Published in
2 min readFeb 17, 2018

--

There are two related contracts in JOYSO Token Sale, JoyToken contract, and JoysoCrowdsale contract.

Update (2018.02.18): We have received alarm and notice there are mistakes about a constant value setting when we first deploy the contracts. The ENS is point to the new contract and all information is updated directly in the article.

The code is identified on the etherscan with ENS joysoCrowdsale.eth and joysoToken.eth, or you can find it on our GitHub or with tag 0.1.

More contracts information can see this article.

Official step to contracts before token sale start

  1. JoyToken contract deployed and set ownership to JOYSOWallet. (done)
  2. All JOY (200,000,000 JOY) will be in JOYSOWallet initially. (done)
  3. Dispatch the JOY token to the presale’s praticapetent before 2018 Feb 28th. The amount is up to 50,000,000 JOY (25% of all).
  4. Dispatch the JOY token to our partner if neccencerly.
  5. Transfer 100,000,000 JOY (50% of all) to the crowdsale contract.
  6. Set the JoyToken ownership to the crowdsale contract.
  7. Start crowdsale at 2018 1st March.
  8. Stop crowdsale and release JOY token after 21 days or JOY token sold out.

Bug bounty

The scope of our bug bounty program includes all contracts related to the JOY token sale contracts. The bug bounty program is considered started and will continue even after the token sale.

Update Noted (2018.02.21): All the related sites or programs (example: https://joyso.io) is in the bounty scope.

We are using the OWASP risk assessment methodology to determine the bug’s level of threat to the sale.

Note: Up to $100 USD

Low: Up to $500 USD

Medium: Up to $1,000 USD

High: Up to $2,500 USD

Critical: Up to $5,000 USD

Please note that the submission’s quality will factor into the level of compensation. A high quality submission includes an explanation of how the bug can be reproduced, a failing test case, and a fix that makes the test case pass. High quality submissions may be awarded amounts higher than the amounts specified above.

Note that bounties will be paid in ETH and that JOYSO team members and paid auditors are not eligible for bounty compensation.

Public disclosure of the bug or indication of an intention to exploit it on the mainnet will make the report ineligible for a bounty. If in doubt about other aspects of the bounty, most of the Ethereum Foundation bug bounty program rules will apply.
Please report bug bounty submissions to support@joyso.io

Contact

You can find us and ask any questions on Telegram or though our mails support@joyso.io

JOYSO Team

Blockchain
Joyso
Ethereum
Dapps
Development

--

--

Hsieh Yung-chen
JOYSO

Written by Hsieh Yung-chen

310 Followers
Editor for

CTO @ JOYSO project. A PhD student of National Taiwan University. And a dencentralize app developer/researcher.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams