BUG BOUNTY PROGRAM


SECURITY AT XYO

At the XYO, we treat security as a priority. We understand that no code is completely secure and welcome reports of vulnerabilities in our assets. If you believe you have found a security vulnerability in our systems, please follow the policy outlined below. For each report submitted to the XYO Network bounty program, we will provide an initial response within two (2) business days. If the report is deemed valid, we will make a bounty decision and payment within seven (7) business days. Please contact security@xyo.network with any details regarding a vulnerability.


TARGET ASSETS

  • *.xyo.network (excluding -- geohackers.xyo.network, merch.xyo.network)
  • Vulnerabilities on the XYO protocol, as outlined in the White Paper and Red Paper. Theoretical exploits are welcomed if realistic implications can be demonstrated.
  • Vulnerabilities on the XYO Network GitHub organization projects: https://github.com/XYOracleNetwork

EXCLUSIONS

  • Previously known vulnerabilities on the XYO Network. Note that novel complications to existing solutions or mitigations to known exploits as outlined in the Red Paper are welcomed and qualify for bounties.
  • Theoretical vulnerabilities without any proof or demonstration
  • Content spoofing / Text injection issues
  • Attacks based on social engineering or phishing
  • Self-XSS
  • Denial of Service, except with regard to exploits for the XYO Network at large
  • Third-party hosted content on *.xyo.network

BOUNTIES

Bounties are entirely at the discretion of the XYO. For qualifying vulnerabilities, the following outlines standard bounty amounts:

  • Critical - $2,500 in XYO Tokens
  • High - $1,500 in XYO Tokens
  • Medium - $500 in XYO Tokens
  • Low - $100 in XYO Tokens

DISCLOSURE POLICY

Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue. Although we welcome disclosure, provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party. Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder

SEC의 성명과 앞을 향한 진술:

XYO 토큰들은 형평법을 나타내느것이 아니며 XYO 위치 네트워크의 유틸리티 토큰이며, 이는 자신의 이더리움 스마트컨트랙트에서 XY Oracle 네트워크를 사용하려는 경우에 필요합니다.

투자하기전에 기채설명서(OFFERING CIRCULAR)를 꼭 읽어보시고 투자하시기 바랍니다.

투자에 대한 문서들은 밑에 페이지에서 확인하세요. xy.company/offering

XYO 토큰 구매를 원하시면 이 페이지에 있는 링크를 클릭해주세요.