Shirin Bug Bounty
Ka taimaka mana mu kiyaye TronRental.com lafiya. Ka ba da rahoton raunin kuma ka sami lada a cikin TRX.
Yanki
Cikin yanki
- ✓TronRental.com API da aikace-aikacen yanar gizo
- ✓Hanyoyin tantancewa da izini
- ✓Biyan kuɗi da mu'amala da blockchain
- ✓Kare bayanan masu amfani da sirri
Wajen yanki
- ✗Hare-haren kin sabis (DoS/DDoS)
- ✗Injiniyan zamantakewa da phishing
- ✗Sabis na ɓangare na uku da abubuwan dogaro
Lada
Mai mahimmanci$500 – $2,000
RCE, allurar SQL, samun damar maɓallin sirri, satar kuɗi
Babba$200 – $500
Ƙetaren tantancewa, IDOR, haɓaka gata
Matsakaici$50 – $200
XSS da aka adana, ƙetaren iyakar ƙima, fallasa bayanan sirri
ƘanƙantaZauren Shahara
XSS da aka nuna, taken tsaro da suka ɓace, ƙaramin fashewa
Ana biyan lada a cikin TRX a farashin musaya a lokacin biya.
Dokokin
- •Bi bayyanar da alhakin — kar a bayyana raunin a fili kafin a gyara su.
- •Mai ba da rahoto na farko ne kawai ke cancanta samun lada.
- •Ana buƙatar Tabbacin Ra'ayi (PoC) don duk abubuwan da aka aika.
- •Ƙungiyar tsaronmu ce ke ƙayyade tsananin bisa tasiri da yiwuwar amfani.
- •Kar a sami dama, gyara, ko share bayanan sauran masu amfani yayin gwaji.
- •Ana ba da izinin bayyanar da jama'a kwanaki 14-30 bayan an tura gyaran.
Tsari
2
Tabbatarwa
Ƙungiyarmu tana nazari kuma ta tabbatar da matsalar
3
Gyarawa
Muna haɓaka kuma muna tura gyaran
4
Lada
Kuna samun ladan TRX bisa tsanani