• TenX Bug Bounty Program

    At TenX we highly value security to keep our users wallets safe and push the crypto ecosystem to a safer more trusted future. To achieve that goal we want to include the community to take part in finding any potential security risks to our system. We encourage independent security researchers to submit vulnerabilities via our responsible disclosure bug bounty program.

    We urge Submitters to:
    - give us reasonable amount of time to close any submitted vulnerabilities
    - not use any other channel to submit vulnerabilities than the information provided on this page
    - not damaging TenX users, TenX itself or disclosing any data in the process of discovery

    Besides earning a place in our security hall of fame and receiving a free TenX card, every security vulnerability submitted that results in a fix on our side will receive a monetary reward.
    The following Table is an estimate for reward amounts (depending on the severity we might pay out higher rewards):

    Vulnerability Reward
    Remote Code Execution $10,000
    Manipulation of account balance $5,000
    Vulnerability resulting in financial loss (depending on severity) $2,000-$5000
    Loss of privileged information (passwords, API keys, private keys, etc.) $3,000
    Loss of user personal information (addresses, phone numbers, ...) $1,000
    Authentication bypass $1,000
    Other best practices or minor configuration problems $100

    In order to be eligible for rewards the security vulnerabilities have to be applicable in a real world attack scenario. Furthermore the vulnerability has to be demonstrated to our team in a comprehensible/reproducible way. In case of multiple researchers submitting the same vulnerability before a fix has been released on our side, we reserve our right to split rewards among those submissions.

    Please submit your vulnerabilities encrypted using our:
    PGP Public Key


    Your TenX Security Team