Guide to CoverCompared’s Testnet & Bugbounty Programme

  • Issuing multiple policies to a user by paying for only one policy
  • Issuing a policy to a user by paying less than the quote price. The amount of funds lost due to this should be greater than 5% of the total quote price.
  • Loss of ETH/tokens from core Smart Contracts of CoverCompared. The amount of funds being lost should be greater than or equal to 5% of the total locked value.
  • Users being granted with system privileges causing loss of funds,user base manipulation, etc.
  • Bugs that may lock funds or render them inaccessible to the protocol or their owners.
  • Serious logic design flaws and process defects.
  • Issuing a policy to a user by paying less than the quote price. The amount of funds lost due to this should be greater than 5% of the total quote price.
  • Loss of ETH/tokens from Core Smart Contracts of CoverCompared. Where the amount of funds being lost is less than 5% of the total locked value.
  • Unauthorized sensitive operations.
  • Bugs that may enable malicious actors to masquerade other users and perform functions that would jeopardise the user’s/protocol’s funds.
  • Users being granted edit access to sensitive information which can lead to user base manipulation and inconvenience.
  • Vulnerabilities that require interaction and affect users.
  • Bugs relating to Gas Optimization.
  • Vulnerabilities that may affect/damage the protocol state.
  • General unauthorized operations, edit access, etc.
  • Local denial of service vulnerabilities and Direct denial of service
  • CSRF (cross-site request forgery), reflected-XSS, and so on.
  • Information leakage, such as path information, exception information, SVN information, and so on.
  • Using outdated versions of a system, supporting outdated versions of an encryption protocol, such as supporting low-strength encryption algorithms, SSL (secure-sockets layer) or TLS (transport-layer security) 1.0.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
CoverCompared

CoverCompared

711 Followers

The First DeFi Insurance marketplace for the global crypto ecosystem