Sable Bug Bounty Program

User security is our top priority. We strive to meet the highest standards when it comes to protecting user data and privacy. That's why we encourage developers and security researchers to thoroughly test our system - your expertise and feedback will only make our solution more secure. By working together, we can build robust defenses against threats and vulnerabilities.

What can be considered as an issue?

Our codebase will be published alongside with the audit report here.

Meanwhile, we look forward to the followings in a submitted bug bounty report:

a) the quality of the issue description,

b) the instructions for reproducibility, and

c) the quality of the solution/ recommended fix (if included).

Rules of the Bug Bounty Program

  1. Participants should be able to discover any vulnerability in the frontend or smart contract within the scope of this Program.

  2. Only the person who is the first to disclose the unique vulnerability under the terms and conditions below will be rewarded, after the submitted vulnerability was deemed valid.

  3. Possess sufficient technical knowledge and provide sufficient information necessary to reproduce and fix the vulnerability.

  4. Not exploit the vulnerability in any way, including by making it public or obtaining a profit (other than a reward under this Program).

  5. Any publicity in any way, whether direct or indirect, relating to any bug or vulnerability will automatically disqualify the submitted vulnerability and you from the Program.

  6. Submit only 1 vulnerability per submission. If you want to add more information to a provided issue, create a new submission referencing the initial one.

  7. Please provide as much information as possible about issues and vulnerability in your submission.

How to Submit a Bug?

Please submit your detailed report here.

All submissions will be evaluated by the Team on a case by case basis.

Sable Bounty Reward

Reward scheme will be allocated according to the severity of the issues found under the spectrum below:

Notes:

  1. All rewards will be paid in USDT to the wallet address provided via submission.

  2. Our team will reply to your submission where Bounty Reward will be dropped after all submission has been reviewed.

  3. The amount of bounty stated in the reward scheme represents the maximum reward for each category.

If you’ve encountered any bug-irrelevant query regarding our Bug Bounty Program, please feel free to contact us on discord/ telegram for immediate assistance.

Terms & Conditions

  1. Public disclosure of a vulnerability would make it ineligible for a reward.

  2. Duplicated issues are not eligible for reward. The first submission would be the eligible one.

  3. If you want to add more information to a provided issue, create a new submission giving reference to the initial one.

  4. Rewards will be decided on a case by case basis and the bug bounty program, terms, and conditions are at the sole discretion of Sable Finance.

  5. Submissions need to be related with the Bounty Scope. Submissions out of the Bounty Scope won’t be eligible for a reward.

  6. Any interference with the protocol, client or platform services, on purpose or not during the process will make the submission invalid.

  7. Submissions not following the disclosure policy will not be eligible for a reward.

  8. Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of Sable Finance.

Last updated