Smart Contract Bug Bounty Program: Oddz Incentivised Testnet
Earn Up To $10,000 As Rewards
The Bug Bounty Program of Oddz Incentivised Testnet is now LIVE!
This blog post describes the scope of testing, the priority of vulnerabilities in the codes, the process to submit the bugs, the reward structure for the Bug Bounty program and the duration of it.
A total of $10,000 worth of ODDZ tokens have been kept aside for the Bug Bounty program. The participation of our community members in testing and debugging is of real importance to us.
To make sure that there are no bugs in our protocol, we want to make sure that users are correctly incentivized through a joint practice between the core team and security engineers.
The sooner the bugs are found and resolved, the sooner we will be able to launch on the mainnet!
Snapshots:
- Bugs and issues that are non-technical must be submitted here — https://forms.gle/N4STDwt6vAPS6bAB7
- Bugs related to the Scope of Testing and that are technical must be submitted here — https://bit.ly/3gZRv5K
- Make sure you follow all the terms and conditions and the bugs lie within the scope of testing to ensure you get a chance to win up to $10,000 in ODDZ tokens.
Bug Bounty Program — Oddz Incentivised Testnet
The Bug Bounty program will begin on June 25, 2021, and will continue till further announcement. We invite all interested traders, DeFi enthusiasts, developers and security experts to participate in this program to submit their valuable feedback and suggestions. The Bug Bounty program is aimed to find bugs as fast as we can. As mentioned above, the Incentivised Testnet will give all community members a chance in testing and debugging the protocol.
It is not imperative that you have to find bugs or glitches in the codes or on the platform. Give us an amazing product idea or suggestion and you will get a chance to be rewarded for it as well.
Please note: Some of you have already submitted non-technical bugs here: https://forms.gle/N4STDwt6vAPS6bAB7. We request you to continue doing so. Only those users who submit non-technical bugs using this platform will be eligible for rewards in the Bug Bounty program.
Continue reading to understand how coders and security experts can get a chance to win up to $10,000 in our Bug Bounty program.
Scope of Testing
The following components of Oddz need to be tested at the code level in this Bug Bounty program:
- Basic functionalities of buying options contracts on Easy Options and Customised Options on Oddz.
- Adding liquidity to the pool
- Exercising and Expiration of contracts
- Rewards from pooling and premium distribution
- Rewards from staking
- Social Trading on Oddz
We are also focused on the security level of our smart contracts and protecting the protocol from getting hacked.
How to participate in the Bug Bounty program?
If you are a developer or a security expert, follow the steps below to participate in the Bug Bounty Program -
- Look for code-level bugs for the items mentioned in the Scope of Testing. The Github repositories for the same will be made public on June 25 at 14:30 hours UTC.
Github repository- https://github.com/oddz-finance
- Create a word document or share a Google Document link, mentioning all the relevant information and bugs and submit them in our Bug Bounty Typeform. All submissions related to the codes must be submitted using the Typeform link only.
Typeform — https://bit.ly/3gZRv5K
- All submissions will be reviewed and analysed by the Oddz technical team and you will be provided with feedback as soon as possible.
Prioritised Vulnerabilities
We are especially interested in receiving and rewarding vulnerabilities of the following types:
If you are not a developer, you can still participate in the Bug Bounty program to get rewards in ODDZ tokens.
We value your feedback and you can submit your suggestions in the feedback form that will be shared with all the active users of the Incentivised Testnet at a later date.
Reporting Bugs — Submission Instructions
If you have found a bug, please submit your word document or Google Document on the Typeform. Please note that you must only submit issues related to the scope of this program and nothing else.
In the word document please mention
- The repository the bug is related to.
- The severity of the bug i.e. Severe, Moderate or Less.
- The priority in which the bug needs to be resolved i.e. High, Medium or Low.
- A summary of the word document.
- A description of the bug found.
- Images related to the bug.
- Supporting material/references — Source code to replicate if any.
- The impact on the protocol if the bug is not resolved.
- Your email address, Telegram handle, Twitter handle (at least 3 months old).
Note: Please make sure that the Google Document you submit has view access and please submit the bugs using the Typeform link only.
Reward Structure
A total of $10,000 worth of ODDZ tokens have been allocated to the Bug Bounty program at Oddz. ODDZ tokens will be distributed based on the seriousness of the bug found, the priority in which it needs to be resolved, the description of the word document and the explanation of the same. The scores will be given as O1, O2, O3 & O4.
Given below is the structure for rewards of the Bug Bounty program
Terms and Conditions
Follow all terms and conditions to participate in the Bug Bounty program. You can only submit your feedback and bugs on the forms mentioned in this blog or circulated on the Telegram Announcement chat.
- The total reward for any submission depends on the level of risk and priority at which the bug needs to be resolved.
- Since decisions will be taken manually we expect you to be patient once you have reported the bug.
- Report the technical bugs in the Typeform here — https://bit.ly/3gZRv5K
- Follow the submissions instructions to ensure we quickly reach a solution and get back to you with updates on your bug status.
- Duplicated issues will not be rewarded. The first reported bug is the only one worthy of rewards.
- Submissions out of the Scope of Testing will not be eligible for a reward.
- Any phishing or other social engineering attacks against our employees and/or participants will lead to disqualification from the competition. You will be marked as a ‘bad actor’ in the Incentivised Testnet program.
- Any denial of service attacks will lead to disqualification from the competition. You will be marked as a ‘bad actor’ in the Incentivised Testnet program.
- No rewards will be given to participants who have disclosed the vulnerability without the consent of the Oddz Team.
- Avoid violating the privacy of others, disrupting our systems, destroying data, or harming the user experience.
- No participant must engage in blackmail, extortion or any other unlawful conduct.
- Bugs that have not been publicly reported will only be considered for the Bug Bounty Program.
- Your Telegram and Twitter handle will only be used to communicate with you, in case the team needs more information from your end.
- Rewards will be sent as BEP-20 tokens to your wallet address used while signing up to participate in Oddz Incentivised Testnet.
How long will the Bug Bounty program be available?
Oddz will be conducting the Bug Bounty Program till further notice.
Participate in Oddz Incentivised Testnet now!
Read the Guide to Oddz Incentivised Testnet to know more.
For FAQs, click here.
Still got doubts? Join Oddz Chat and get all your doubts clarified!
About Oddz
Oddz is a trustless on-chain option trading platform that expedites the execution of call and put options contracts, conditional trades, and futures. It allows the creation, maintenance, execution, and settlement of trustless option contracts, conditional tokens agreements, and futures contracts in a fast, secure, and flexible manner.
It employs the synergies of Ethereum, Binance Smart Chain, and Polkadot to unleash the potential decentralized derivatives market. It focuses on building solutions that can propel the DeFi ecosystem by simplifying derivatives trading and enhancing the user experience.
Instagram | Telegram Chat | Telegram Announcements | Twitter | Website
