Aptos Petra Wallet x Immunefi Bug Bounty Program - DropsEarn
Home Ended Aptos Petra Wallet x Immunefi Bug Bounty Program
Aptos Petra Wallet x Immunefi Bug Bounty Program

Aptos Petra Wallet x Immunefi Bug Bounty Program

Add to Watchlist

Added to Watchlist

Reward pool

Not set

USDC, USDT

Expected profit

up to $100,000

up to 100,000 USDC/USDT

Max participants

No limit

DropsEarn score

Neutral

Normal, Low Risks

Details

Aptos is building a safe, upgradeable and production-ready Layer 1 blockchain. Founded by a highly-accomplished team of creators, researchers, designers, and builders, Aptos Labs is committed to delivering universal and fair access to decentralization for billions of people. Aptos’ breakthrough Layer 1 technology and programming language, Move, are designed to evolve, improve reliability and performance and strengthen security. This is achieved through novel innovations across consensus, smart contract design, system security, performance, and decentralization - making it dramatically easier for developers to build scalable and user-friendly applications.

Rewards by Threat Level

Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System V2.2. This is a simplified 5-level scale, with separate scales for websites/apps, smart contracts, and blockchains/DLTs, focusing on the impact of the vulnerability reported. This scale encompasses all the aspects of a bug, from the consequence of a successful exploit to the level of access required to exploit it, to the probability that an exploitation attempt will be successful.

Critical vulnerabilities: up to the max bounty amount specified below under Aptos discretion.
All rewards are decided on a case-by-case basis by Aptos, taking into account the exploitability of the bug, the impact it causes, and the likelihood of the vulnerability presenting itself if it is nondeterministic or some of the conditions are not present at the time.

All web/app bug reports must come with a PoC with an end-effect impacting an asset-in-scope in order to be considered for a reward. Explanations and statements are not accepted as PoCs and code is required.

Note: Aptos has a second bug bounty program, which can be found here.

Criteria for determining report validity is the satisfaction of a critical impact. In cases where multiple bugs across Aptos assets are required to create a single critical impact, these bugs will be treated as a single report for determining rewards.

Furthermore, reports are treated as unified across Aptos programs; a bug report rewarded in one program is disqualified from further rewards on other Aptos programs that might exist on Immunefi. This does not apply to separate particular bug reports, which can qualify for new rewards on other Aptos programs if a separate impact is demonstrated.

KYC Requirements

This bug bounty program is only open to individuals outside the OFAC restricted countries. Bug bounty hunters will be required to provide evidence that they are not a resident or citizen of these countries in case the submission is eligible for a reward. If the individual is a US person, tax information will be required, such as a W-9, in order to properly issue a 1099. Aptos requires KYC to be done for all bug bounty hunters submitting a report and wanting a reward. Form W-9 or Form W-8 is required for tax purposes. All bug bounty hunters are required to use Persona for KYC, via their community platform (aptoslabs.com). The collection of this information will be done by the Aptos project team.

Payouts are handled by the Aptos team directly and are denominated in United States Dollars (USD). However, payouts are done in USDC and USDT, with the choice of the ratio at the discretion of Aptos’s team.

Links

 

About

Aptos Petra Wallet has launched their bug bounty on Immunefi. Aptos is building a safe, crypto wallet that encrypts your keys and allows you to store, collect, and trade coins. Find bugs and earn up to $100,000.

Activity Type

Bug bounty

Tech

Bugs

Date

26 Sep 2022 19:41(UTC+3) - 22 Nov 2022 01:24(UTC+3)

Registration

Closed

When Reward:

None

Event Status

You can't participate(Event ended)