Alex Horlan
СТО HackenProof

Meet CoinW

CoinW is a world-class reliable trading platform, established in 2017, with companies in 120 countries around the world and headquartered in Singapore.
Check Out The Rewards

If you find a vulnerability according to the bounty rules, CoinW will reward you:

  • Critical: $5,000 – $10,000
  • High: $2,000 – $5,000
  • Medium: $500 – $2,000
  • Low: $100 – $500

Join The Bounty Hunt

There are 3 asset types to scope!

  • Web
  • API
  • App

Make sure your reports contain info about these incidents:

  • Business logic issues
  • Payments manipulation
  • Remote code execution (RCE)
  • Injection vulnerabilities (SQL, XXE)
  • File inclusions (Local & Remote)
  • Access Control Issues (IDOR, Privilege Escalation, etc)
  • Leakage of sensitive information
  • Server-Side Request Forgery (SSRF)
  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)
  • Directory traversal
  • Other vulnerability with a clear potential loss

To increase your chances of finding a critical bug, read CoinW documentation here.

Once you’re ready, click here to join the bounty hunt!