Hacken Ecosystem

Meet BitMart

BitMart is a crypto exchange. It features activities like:

  • spot, margin, futures trading
  • deposit & staking to earn
  • NFT marketplace
  • token launchpad
  • reward task center
  • B2B services

Check Out The Rewards

If you find a vulnerability according to the bounty rules, BitMart will reward you:

  • Critical: $2000 – $5000
  • High: $800 – $2000
  • Medium: $200 – $500
  • Low: $50 – $150

Join The Bounty Hunt

There are 4 assets to look for the bugs:

  • 2 web pages
  • 1 Android app
  • 1 iOS app

Make sure your reports contain info about these incidents:

  • Business logic issues
  • Payments manipulation
  • Remote code execution (RCE)
  • Injection vulnerabilities (SQL, XXE)
  • File inclusions (Local & Remote)
  • Access Control Issues (IDOR, Privilege Escalation, etc)
  • Leakage of sensitive information
  • Server-Side Request Forgery (SSRF)
  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)
  • Directory traversal
  • Other vulnerability with a clear potential loss

To increase your chances of finding a critical bug, read BitMart API documentation here.

Once you’re ready, click here to join the bounty hunt!