As announced prior in our Bounty Thread, BitJob had allocated over 2M tokens in bounty and bug hunt activities, and are happy to announce our 2nd Bug Bounty programme, which will take place alongside our bounty until January 27th.


Pre-Launch Bounty details

BitJob, founded in early 2016, aims to give the opportunity to pursue their dreams to all busy, hard working students.

The core vision has led the team to run a successful Crowdfunding Campaign (ICO), enabling the firm to develop a Social Mining™ platform and thus expand the global movement already backed by academic institutions and supports from around the world.

Due to the sensitive nature of the platform we want to ensure our users actions and tokens will be safe. To achieve this, we would like the community to take part in finding any potential security risks or loopholes in our system. We encourage the community to submit any vulnerabilities via our bug bounty program.


Basic details:
Start: 11:59 PM GMT January 17th 2019
Finish: 11:59 PM GMT January 27th 2018
Fund: ~2M STU

https://github.com/bitjobteam

Areas of concern:
The following are the primary areas of concern for the Bitjob team. Different bugs found outside of this criteria will still be considered for bounty payment:

Security flaws within the platform resulting in loss or theft of currency
Bugs restricting users from performing any actions
Bugs associated with server crashes and high load
Platform bugs resulting in poor user experience


Pre-Launch bounty rules
Bugs will be considered valid if they have not already been submitted by another user or are not known to the Bitjob team.
Bugs must be submitted via the official Bitjob Bug hunt form. Submission by any other route will not be considered as valid.
Illegal or fraudulent submissions as a result of a breach of fair use will not be acceptable, DDOSing etc.
Feel free to test the platform. Provide us with the information on ways to disable or disrupt the security system and its database.
Find an attack on the website or via a user account. Please describe the way attackers deceive contributors.

Reward matrix
The reward will be will be determined by a mixture of the following risk matrix:

Bitjob Bug Bounty Risk Matrix

Critical: up to 100 USD

Example: Security flaws within the platform. Potential loss or theft of currency

High: up to 75 USD

Example: Bugs associated with servers, UX and platform crashes.

Medium: up to 20 USD

Example: All bugs within the Nodes and code (incorrect payments, security vulnerabilities, rating system bugs etc.)

Low: up to 20 USD

Example: UI/Platform bugs resulting in poor user experience



Bug submission

Please describe the bug and how we can recreate it (if applicable). If possible, please provide screenshots, code or videos with your submission to assist us with your description.

For higher bounties, we would love to get your insights on how we can fix the bug or a possible workaround.

First, complete this user survey to make an account in our bug compensation system:
https://www.surveylegend.com/s/1728

Send your bug reports to leonard@bitjob.io, with the subject “BUG BOUNTY” and do join us on our Bounty Telegram Channel (https://t.me/bitjobbounty2). As soon as your bug report is received, our bounty judges will evaluate the severity of the bug and will contact you.