RWA Inc. Docs
HomeLaunchpadExchange
  • Overview
  • Introduction
  • Our Products
  • Project Details
    • Whitepaper
    • Tokenomics
    • Pitch Deck
    • Smart Contract Audit
  • Project Roadmap
  • About Us
  • Launchpad & Staking
    • Welcome to the RWA Global Inc. Launchpad
      • Why Choose RWA Inc.?
      • How does an IDO work?
      • How is $RWA token involved?
      • How to Participate
      • Investor Protection: Refund Policy
    • Get Started with RWA Inc.
    • The RWA Launchpad Tier System
    • RWA Staking Policies
    • User Refund Policy
    • FAQs
  • TestNet Guide
    • MetaMask Setup: Sepolia Base & RWAT/USDR
    • Claim $RWAT and $USDR
    • RWA Exchange Trading Competition (Testnet)
    • Bug Bounty Program
  • Stay Connected
    • Website
    • X (Twitter)
    • Telegram Community
    • LinkedIn
    • Medium
Powered by GitBook
LogoLogo

Docs

  • Overview
  • Launchpad
  • Staking

RWA Inc.

  • Home
  • Launchpad
  • Exchange

RWA Global Inc. © 2024. All rights reserved.

On this page
  • Program Overview
  • Scope
  • Rewards
  • Submission Guidelines
  • Responsible Disclosure Policy
  • Eligibility
  • Response and Resolution

Was this helpful?

  1. TestNet Guide

Bug Bounty Program

PreviousRWA Exchange Trading Competition (Testnet)

Last updated 7 months ago

Was this helpful?

At RWA Inc., we prioritize the security and privacy of our customers above everything else. In our ongoing commitment to maintain robust security standards, we have launched the RWA Inc. Bug Bounty Program!

This initiative invites security researchers and ethical hackers worldwide to help us identify vulnerabilities in our systems and applications.

Program Overview

The Bug Bounty Program is designed to encourage responsible disclosure of security issues. By participating, researchers can earn monetary rewards in the form of $RWA tokens and recognition for their contributions to enhancing our security posture.

Scope

We are interested in vulnerabilities that could compromise the integrity, confidentiality, or availability of our systems. Moreover, we are interested in optimizing cosmetics, and reward also reports that involve general optimization etc. Lastly, we reward selected innovative ideas and improvement suggestions across our platforms.

The following assets are in scope:

  • RWA Launchpad on test net - plus any publicly accessible web application owned by RWA Inc.

  • Infrastructure: Public-facing servers and network infrastructure.

Out of Scope:

  • Third-party services and applications not owned by RWA Inc.

  • Denial of Service (DoS) attacks.

  • Physical security tests.

  • Social engineering of our employees or customers.

  • Vulnerabilities requiring physical access to hardware.

Rewards

Rewards are based on the severity of the vulnerability, assessed using the Common Vulnerability Scoring System (CVSS). The reward ranges are as follows:

  • Critical severity: Up to $10,000 in $RWAs

  • High severity: Up to $5,000 in $RWAs

  • Medium severity: Up to $1,000 in $RWAs

  • Low severity: Up to $250 in $RWAs

To execute $RWA token reward payouts, please provide the valid ETH wallet address in the form submission.

Note: The final reward amount is at the discretion of RWA Inc. and depends on the quality of the report and the impact of the vulnerability.

Submission Guidelines

To ensure a smooth review process, please adhere to the following guidelines:

  • Detailed reports: Provide a clear and detailed report including steps to reproduce the vulnerability, potential impact, and suggested remediation.

  • Proof of concept: Include screenshots, videos, or code snippets that demonstrate the issue.

  • Legal compliance: Do not engage in testing that violates any laws or regulations.

Responsible Disclosure Policy

We ask that you:

  • Act in good faith: Avoid privacy violations, data destruction, and interruption of our services.

  • Confidentiality: Do not disclose the vulnerability to the public or any third party before it has been resolved.

  • No exploitation: Do not exploit the vulnerability beyond what is necessary to demonstrate it.

Eligibility

Open to individuals aged 18 or older.

Researchers must not reside in a country under any U.S. sanctions.

Response and Resolution

The RWA INC team is committed to prompt communication:

  • Acknowledgment: We will acknowledge receipt of your report within 3 business days.

  • Assessment: We aim to provide a preliminary assessment within 10 business days.

  • Resolution: Efforts will be made to resolve valid vulnerabilities in a timely manner.

Bug Report submission →

FORM