Established in 2013, Gate is one of the world's pioneering cryptocurrency exchanges, serving over 24 million users globally. It consistently ranks among the top 3 globally in both trading volume and liquidity. Gate is currently ranked second globally in 24-hour spot trading volume, supporting spot trading, futures trading, margin trading, and wealth management products for over 3,800 cryptocurrencies. The platform offers comprehensive and diversified digital asset trading and blockchain application services. It employs zero-knowledge technology to ensure the 100% verifiability of user assets.
Target | Type | Severity | Reward |
---|---|---|---|
https://www.gate.com Copy https://www.gate.com | Web | Critical | Bounty |
iOS App Copy https://apps.apple.com/us/app/gate-io/id1294998195 Or https://testflight.apple.com/join/tBYCVJgJ | Web | Critical | Bounty |
Android App Copy https://play.google.com/store/apps/details?id=com.gateio.gateio | Android | Critical | Bounty |
Windows App Copy https://gapp.b.live/Gateio_Setup-winapp | Web | Critical | Bounty |
Mac App Copy https://gapp.b.live/Gate.io-macapp | Web | Critical | Bounty |
API & Websocket Copy https://api.gateio.ws/api/v4 wss://api.gateio.ws/ws/v4/ | Web | Critical | Bounty |
Malta Site Copy https://gate.mt/ | Web | Critical | Bounty |
https://www.gate.com
https://apps.apple.com/us/app/gate-io/id1294998195 Or https://testflight.apple.com/join/tBYCVJgJ
https://play.google.com/store/apps/details?id=com.gateio.gateio
https://gapp.b.live/Gateio_Setup-winapp
https://gapp.b.live/Gate.io-macapp
https://api.gateio.ws/api/v4 wss://api.gateio.ws/ws/v4/
https://gate.mt/
We are mostly interested in the following vulnerabilities:
OUT OF SCOPE - WEB
Vulnerabilities found in out of scope resources are unlikely to be rewarded unless they present a serious business risk (at our sole discretion). In general, the following vulnerabilities do not correspond to the severity threshold:
OUT OF SCOPE - MOBILE
Critical 3000 - 5000 USD e.g : direct accesses to system privilege or core business, with potential significant damage.
High 900 - 2000 USD e.g: unauthorized access, severe SQL injection, high-risky info leakage.
Medium 300 - 500 USD e.g: affecting the use and access of a portion of our users, modifying user information, etc
Low 50 - 150 USD e.g: text message bomb, non-sensitive information leakage,etc
Note: Severity depends on threats to the business and is evaluated individually by Gate Team