Open in app

Sign in

Write

Sign in

Pre-sale Contract Audit and Bug Bounty

Henning Rokling
Parsec Frontiers
Published in
3 min readJan 23, 2018

Overview

We are publishing our smart contract along with an external audit report, and a bug bounty programme for the Parsec Frontiers smart contract relating to our Pre-Sale of PRSC tokens.

Our token sale smart contract has been written by the Artplant development team. It has been audited by Sameep Singhania.

The token and pre-sale contract can be found here. Due to the limited time frame we had, we could not perform additional audits and would like to invite the community to go over the contract.

Major bugs will be rewarded up to $10,000 (in PRSC tokens). Higher rewards are possible (up to $20,000 in PRSC tokens) in case of very severe vulnerabilities.

Most of the rules on https://bounty.ethereum.org apply:

  • First come, first serve.
  • Issues that have already been submitted by another user or are already known to the Parsec Frontiers team are not eligible for bounty rewards.
  • Public disclosure of a vulnerability makes it ineligible for a bounty.
  • Anyone who was a paid auditor of this code is not eligible for rewards.
  • Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of the Parsec Frontiers team.

Scope

All smart contracts relating to the token sale commencing January 24th, 2018. This includes:

Timeline

As of this post, the bug bounty program is considered started and valid reports of bugs will be compensated moving forward. The bounty program will continue even after the token launch.

Compensation

The value of rewards paid out will vary depending on severity. The severity is calculated according to the OWASP risk rating model based on Impact and Likelihood, as done in the Ethereum bug bounty campaign:

  • Note: Up to $100 in PRSC
  • Low: Up to $2,000 in PRSC
  • Medium: Up to $5,000 in PRSC
  • High: Up to $10,000 in PRSC
  • Critical: Up to $20,000 in PRSC

Example: If you find a way to steal raised funds, this is a critical bug. If you find a way to mint PRSC, this is high priority.

The submission’s quality will factor into the level of compensation. A high quality submission consists of:

  • An explanation of how the bug can be reproduced
  • A failing test case
  • A fix that makes the test case pass.

High quality submissions may be awarded amounts higher than the amounts specified above.

Note: all PRSC will be distributed after the token sale, ending January 31st 2018. It will be unlocked and ready to spend as soon as the token sale ends.

We request that you please give us reasonable amount of time to reply to your inquiry, and that you do not exploit any vulnerability you discover.

Contact

For any questions, please join the Parsec Frontiers Discord and join the #security_bounty channel.

For submissions, please send to hello@parsecfrontiers.com. We also welcome anonymous submissions.

Ethereum

--

--

Henning Rokling
Parsec Frontiers

Written by Henning Rokling

275 Followers
Editor for

Founder of the Parsec Frontiers blockchain-based MMO.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams