Meet BitMart
BitMart is a crypto exchange. It features activities like:
- spot, margin, futures trading
- deposit & staking to earn
- NFT marketplace
- token launchpad
- reward task center
- B2B services
Check Out The Rewards
If you find a vulnerability according to the bounty rules, BitMart will reward you:
- Critical: $2000 – $5000
- High: $800 – $2000
- Medium: $200 – $500
- Low: $50 – $150
Join The Bounty Hunt
There are 4 assets to look for the bugs:
- 2 web pages
- 1 Android app
- 1 iOS app
Make sure your reports contain info about these incidents:
- Business logic issues
- Payments manipulation
- Remote code execution (RCE)
- Injection vulnerabilities (SQL, XXE)
- File inclusions (Local & Remote)
- Access Control Issues (IDOR, Privilege Escalation, etc)
- Leakage of sensitive information
- Server-Side Request Forgery (SSRF)
- Cross-Site Request Forgery (CSRF)
- Cross-Site Scripting (XSS)
- Directory traversal
- Other vulnerability with a clear potential loss
To increase your chances of finding a critical bug, read BitMart API documentation here.