Scope & References
Our bug bounty is applicable to the following repositories. This list will grow over time.
Repository 1 Audit Report:
- Public disclosure of a vulnerability would make it ineligible for a reward.
- Duplicated issues are not eligible for reward. The first submission is the eligible one.
- If you want to add more information to a provided issue, create a new submission giving reference to the initial one.
- Rewards will be decided on a case by case basis and the bug bounty program, Terms and conditions are at the sole discretion of Gravity Team.
- Rewards will vary depending on the severity of the issue. Other variables considered for rewards include: the quality of the issue description, the instructions for reproducibility, and the quality of the fix (if included).
- Determinations of eligibility, score and all terms related to a reward are at the sole and final discretion of Gravity.
- Submissions need to be related with the Bounty Scope. Submissions out of the Bounty Scope will not be eligible for a reward.
- Any interference with the protocol, client or platform services, on purpose or not, during the process will make the submission process invalid.
- Terms and conditions of the bug bounty process may vary over time.
Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.