everiToken | blockchain: Program info

Documentation

• everiToken Single Node Test Guide - https://github.com/everitoken/evt/wiki/Single-Node-Test-Guide
• EVT ABI Docs - https://github.com/everitoken/evt/blob/master/docs/ABI-References.md
• EVT API Docs - https://github.com/everitoken/evt/blob/master/docs/API-References.md

In-Scope Vulnerabilities

Common examples of security issues in scope of the program for EVT are listed below:

• Single Node DoS - any node crash via API, requests etc.
• EVT DoS - blockchain crash via breaking consensus, API and other requests etc.
• API access control violations - gaining access to privileged functions
• Attacks on cryptography
• Transaction / messages malleability
• Lack of validation for transactions, blocks etc.
• Standards violations
• For issues that are not listed above, EVT appreciates reports that demonstrate vulnerabilities for the blockchain. Those reports are rewarded in accordance to the severity of the vulnerability.

• Avoid compromising any personal data, interruption or degradation of any service .
• Don’t access or modify other user data, localize all tests to your accounts.
• Don’t exploit any DoS/DDoS vulnerabilities, social engineering attacks or spam.
• In case you find chain vulnerabilities we pay only for vulnerability with the highest severity.
• Only the first valid bug is eligible for reward.
• Don’t disclose publicly any vulnerability until you are granted permission to do so.
• Don’t break any law and stay in the defined scope.
• Comply with the rules of the program.
• The rewards will be paid out in HKN based on the current price.
• Any details of found vulnerabilities must not be communicated to anyone who is not a HackenProof Team or an authorized employee of this Company without appropriate permission.