Introducing Melos Bug Bounty Program

We’re happy to see how quickly Melos Studio has grown so far, but with that comes some concerns. We have seen many recent crises and fraud incidents in projects in the same field due to the security loopholes of the projects themselves, and we cannot help but self-reflect and review. But the power of a team is ultimately limited, so we decided to brainstorm. We want to build on the work of Certik and Fairyproof and strive for perfection.

In addition to this, some people may be concerned that they are not computer literate and therefore cannot participate in this event. Melos invites suggestions for community processes and gameplay, and we hope to learn from this feedback to improve the experience of Melos’ users in terms of product or service.

Melos welcomes suggestions and ideas from capable community members and independent researchers, and we will continue to iterate on this foundation until we feel the design is perfect.

The bug bounty program rewards those independent researchers and ethical hackers when they find bugs or security holes in an official website or product.

The bug bounty program is the perfect place for security researchers or hackers to demonstrate their skills. Researchers or hackers can test their skills fairly and impartially to earn bounties.

Depending on your skills and reporting, you may have a nice bonus. And, for the participants, it can be a rewarding side hustle. However, we have limitations and requirements for bug reporting for this bug bounty program. Therefore, not every bug you report will earn you a reward.

For those who make suggestions for community processes and gameplay, we will also send some rewards as our recognition if their recommendations are helpful and exciting.

It would be helpful to carefully read the rules or guidelines of the bug bounty program before deciding to join the event.

It is a quarterly program. The start of each quarter depends on the time of the posting. As of this post, the bug bounty program for this quarter is considered started, and useful reports of bugs will be compensated moving forward. This quarter will begin on June 1 and end on September 1.

Bug/vulnerability reports can only be submitted during the opening hours of the event. Statements outside the event hours will be considered invalid.Issues that have already been submitted by another user or are already known to the Melos team are not eligible for bounty rewards. The reward will be given to the first person to report the bug.Please submit a high-quality report or video containing a written description of the bug, when the bug was found, and a fix that will allow the test case to pass.Public disclosure of a vulnerability makes it ineligible for a bounty.Avoid compromising any personal data, interruption, or degradation of any service.Don’t access or modify other user data. Localize all tests to your accounts.Don’t exploit any DoS/DDoS vulnerabilities, social engineering attacks, or spam.The determination of eligibility, scores and all terms related to the award are at the sole and final discretion of Melos.Studio.

Reward：

Melos Studio’s bug bounty program will share a total of $10,000 in Melos tokens based on the severity of the discovered bug (the prize is paid entirely from the token pool).

The severity and reward of each submission are entirely at the sole discretion of the Melos Studio team. But as a rule of thumb, we follow a risk-rating approach and estimate the severity of bugs based on 1) potential impact and 2) the likelihood that an exploit will occur.

Here are the severities and corresponding payouts:

critical:

Payment range: Total $5,000 worth of Melos token pool

example: Significant manipulation of the account balance

High:

Payment range: Total $3,000 worth of Melos token pool

example: Theft of privileged information（passwords, API keys, bank account numbers, social security numbers or equivalent）

Middle:

Payment range: Total $1,500 worth of Melos token pool

example: Panics or not adequately handled errors.

Low:

Payment Range: Total $500 worth of Melos token pool

Example: Lack of validations of blocks, transactions, and messages

Bonus:

Suggestions for community processes, gameplay, or even entire Melos products/ services/ programs will be rewarded with 5–10U of Melo’s tokens if Melos accept the proposal.

Remark:

Winners will be announced in the medium by September 30, 2022, and prizes will be distributed by October 2022.For a chance to win your full bug bounty, please make sure to include your exact username, email and wallet address in the feedback/survey form;An account can only be associated with your selected email and wallet addresses. Any attempt to gain an unfair advantage to earn rewards will disqualify all linked accounts. Melos reserves the right to make a final decision based on reasonable evidence.For security vulnerabilities and all other bugs: Email the description of the issue to us at support@melos.studio, or you can use the Melos. Ticket bot send the description of the issue to us.

Melos Studio is a decentralized meta+music web3 collaboration platform for musicians and music creators. It is also a pioneer within the decentralized creator economy, because Melos allows anyone to create music through its tools. The generated content can then be saved as NFTs and brought into circulation. Through the open re-creation of generated music NFTs, Melos functions as a social music platform, where music creators can collaborate, communicate, and co-produce.

Official website:https://melos.studio

Twitter: https://twitter.com/melos_studio

Telegram: https://t.me/melosstudiodao

Discord: https://discord.gg/melos

Medium :https://blog.melos.studio

OUR LINKS:
💥https://medium.com/@mycoinisbitcoin

💥https://www.youtube.com/channel/UC1nBGsIHwZ2abc3zOKyKyOA/featured

💥https://t.me/my_coin_is_bitcoin