Space Bug Bounty program

ENEX.SPACE
Aug 26, 2022

Welcome to the ENEX.SPACE Bug Bounty program

The program will take place from September 1 to September 22, 2022.

About

ENEX.SPACE is a DeFi platform built on the Enecuum blockchain. ENEX.SPACE functions based on the ENX token. ENX benefits from overall liquidity in ENEX.SPACE and can be used to gain profit from trading operations. From the user’s point of view ENEX.SPACE consists of liquidity pools, treasury, Drop farms, Space drop, ETM, and Station.

We are committed to the security of ENEX.SPACE and its users. That is why ENEX development is governed by rigorous, conservative security measures that are not compromised for convenience.

All testing must be done on the BIT test network or against the published source code.

Scope

https://app.enex.space/ v0.3.10 or higher if available
https://bit.enecuum.com/ main branch last commit
Enecuum browser extension v0.4.6 or higher if available
Enecuum iOS App PWA v0.4.6 or higher if available

Rewards

p0 — up to 100,000 ENX
p1 — up to 20,000 ENX
p2 — up to 6,000 ENX
p3 — up to 4,000 ENX
p4 — up to 3,000 ENX

Bug details

The ENEX team adheres to a common taxonomy of bugs, as an example: ref.
Examples of vulnerabilities and their rewards:

— Double spend or unauthorised movement of funds: up to 100,000 ENX*
— Stoppage of the network (severe; does not include denial-of-service attacks): up to 20,000 ENX*
— Disabling certain subsystems of a node: up to 6,000 ENX*

*These are approximate reward levels; all bug reports are considered on a case-by-case basis.

Resources

extension: https://chrome.google.com/webstore/detail/enecuum/oendodccclbjedifljnlkapjejklgekf
iOS app: https://testflight.apple.com/join/WHOMGLUZ
guides: https://trinitylab.gitbook.io/enex.space/
app.enex.space github: https://github.com/Enecuum/dex-ui
bit.enecuum.com github: https://github.com/Enecuum/explorer

Report Formatting

In the Description of a Vulnerability Report, please format the replication process as an Ordered List. Valid reports, formatted the following way, will be prioritized:

Steps To Reproduce: (Add details for how we can reproduce the issue)

-step 1
-step 2

-step N

Report submission

Reports should be submitted via the Google Form.
Please pay attention to the reply address field, as we will need to contact you to discuss submission details or status updates.

Ineligible issues (May be closed as out of scope)

  • Theoretical vulnerabilities without actual proof of concept
  • Invalid or missing SPF (Sender Policy Framework) records (incomplete or missing SPF/DKIM/DMARC)
  • Vulnerabilities only exploitable on out-of-date browsers or platforms
  • Vulnerabilities related to auto-fill web forms
  • Use of known vulnerable libraries without actual proof of concept
  • Issues related to unsafe SSL/TLS cipher suites or protocol version
  • Content spoofing
  • Exposure of internal IP address or domains
  • Vulnerabilities that require root/jailbreak
  • Vulnerabilities that require physical access to a user’s device
  • Any activity (like DoS/DDoS) that disrupts our services
  • Reports from automated tools or scans

Contact information

bb@enex.space

First DeFi platform powered by Enecuum Network. Made by Trinity Lab