Bug Bounty Program for CryptoFarmers

Program Overview

Welcome to the Bug Bounty Program for CryptoFarmers. We value the security and integrity of our platform and the trust of our players. To ensure our platform remains secure, we invite security researchers, gamers, and the general public to help us identify potential vulnerabilities in our game. By participating in this Bug Bounty Program, you can earn rewards while helping us maintain a safe and fair gaming environment.

Scope of the Program

The Bug Bounty Program covers the following areas of the CryptoFarmers Game:

Game Mechanics:

Issues related to the exploitation of game mechanics that provide unfair advantages to players.

Issues that allow to uncontrollably obtain (craft) game resources.

Vulnerabilities that allow for unauthorized in-game purchases or asset manipulation.

Smart Contracts:

Security vulnerabilities in smart contracts associated with the game's cryptocurrency and token transactions.

Flaws that could lead to the loss of funds, double-spending, or unauthorized token transfers.

Web and API Security:

Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other web-related vulnerabilities.

API security issues, including unauthorized access, data leakage, and manipulation.

Authentication and Authorization:

Issues that allow unauthorized access to user accounts or administrative functionalities.

Flaws in multi-factor authentication (MFA) processes.

Data Privacy:

Vulnerabilities that could lead to unauthorized access to user data, including personal information and cryptocurrency wallets.

Out of Scope

The following areas are considered out of scope for the Bug Bounty Program:

Social engineering attacks, including phishing.

Denial of Service (DoS) attacks.

Physical attacks or vulnerabilities related to third-party software or hardware.

Issues related to outdated browsers or devices no longer supported by the game.

Eligibility

The Bug Bounty Program is open to individuals worldwide, except in countries where participation in such programs is prohibited by law. Employees of the company and their immediate family members are not eligible to participate.

Reward Structure

Rewards will be issued based on the severity and impact of the reported vulnerabilities:

Critical

Up to $ 1,000

e.g., exploits that lead to significant financial loss, game economy manipulation, or complete compromise of the platform

High

Up to $ 200

e.g., vulnerabilities that allow unauthorized access to user accounts or smart contracts

Medium

Up to $ 100

e.g., vulnerabilities that require user interaction but could lead to unauthorized actions

Low

Up to $ 50

e.g., minor issues with minimal impact on security

Rewards will be paid in cryptocurrency, with the option to receive payouts in the game’s native token!

Reporting Guidelines

Submission:

Vulnerabilities should be reported through our Bug Bounty submission form here, providing a detailed description, steps to reproduce, and any relevant proof of concept (PoC).

Responsible Disclosure:

We expect participants to follow responsible disclosure practices. Do not publicly disclose vulnerabilities until we have had the opportunity to address them.

Collaboration: 

 If needed, we may reach out for additional information or clarification. We appreciate your cooperation in resolving any issues you report.

Resolution Time: 

We aim to respond to all submissions within 48 hours and to address verified vulnerabilities within 30 days.

Legal Considerations

By participating in this Bug Bounty Program, you agree to comply with all applicable laws. You must not violate any laws or regulations, and you must not intentionally harm the game or its users. We reserve the right to modify or terminate the Bug Bounty Program at any time without notice.

Contact Us

For any questions or concerns regarding the Bug Bounty Program, please contact our security team at [email protected] .

Thank you for helping us secure our Play2Earn Browser Crypto Game and making it a safe and enjoyable experience for all our players!