VDEX
  • overview
    • Introduction
    • What is VDEX?
    • Core Features
      • Omnichain Trading
      • Full Self-Custody
      • Sustainable BTC Yield
      • ZeroGas Transactions
      • Sub-Millisecond Finality
      • No KYC, No VPN Restrictions
  • Trade
    • Platform
      • Getting Started
      • Platform Navigation
      • Deposit and Withdraw
      • Supported Collateral
      • Pairs
      • Finality Time
      • Perps
      • Orders
      • CLOB
      • Margin
      • Leverage
      • Liquidations
      • Fee Schedule
      • Gas Fees
      • Funding Rate
      • Insurance Fund
    • Access
      • Chain Abstraction
      • No VPN, No KYC
    • Beta
    • Market Making
    • Security
      • VDEX Fund Protection
      • Dispute Resolution Mechanism
      • Oracle and Collusion Safeguards
  • Yield
    • Virtual Market Maker
    • Volatile Asset Collateral
    • Fund Strategy
  • Ecosytem
    • Overdrive
      • Overdrive: The Ultimate Trading Advantage
        • Activating Overdrive
        • Key Participants
      • Market Makers-Overdrive
      • Traders-Overdrive
    • Bug Bounty Program
    • Bug Reporting Guidelines
    • Contact & Support Channels
    • FAQ
    • Whitepaper
    • Definition of Terms
Powered by GitBook
On this page
  • Bounty Tiers & Rewards
  • Reporting Guidelines
  • Rules & Conditions
Export as PDF
  1. Ecosytem

Bug Bounty Program

At VDEX, security is a top priority. We are committed to providing a safe and trustless trading environment, and we recognize the vital role that security researchers play in helping us maintain the integrity of our platform.

To encourage responsible disclosure of vulnerabilities, we are offering a Bug Bounty Program with significant rewards for findings that could impact the platform’s security and functionality.

Bounty Tiers & Rewards

Severity
Reward (USDT + Tokens)
Description

Critical

$10,000 + 100,000 Tokens

Any vulnerability that can be exploited to steal large amounts of funds from the exchange, bypass security measures, or completely compromise user funds or system integrity.

Medium

$5,000 + 50,000 Tokens

Issues that could lead to loss of funds under specific conditions, smart contract failures, or the ability to manipulate core trading mechanisms in a way that negatively impacts users.

Low

$1,000 + 10,000 Tokens

Minor vulnerabilities such as UI bugs, edge-case smart contract inefficiencies, or potential exploits that require significant effort to execute and have limited impact.

Note: Rewards will be assessed based on severity, reproducibility, and overall risk. The final decision on severity classification and payout amounts is at the discretion of the VDEX security team.

Reporting Guidelines

To qualify for a bounty, reports must:

✅ Be submitted privately via [Insert Secure Contact Method] ✅ Contain a detailed description of the issue, including steps to reproduce ✅ Provide proof of concept (PoC) or working exploit code where applicable ✅ Not be publicly disclosed before VDEX has addressed the issue

Rules & Conditions

  • Do not perform attacks that could disrupt platform operations or affect users

  • Do not engage in blackmail, extortion, or threats regarding vulnerabilities

  • Do not publicly disclose vulnerabilities until they are patched and confirmed safe

  • Only the first valid report of an issue will be eligible for a reward

  • VDEX reserves the right to determine the eligibility and reward amount of each submission Get Started

    If you believe you’ve found a vulnerability, Join our Telegram to get access code for Demo

PreviousTraders-OverdriveNextBug Reporting Guidelines

Last updated 3 days ago