Spores’ Marketplace Testnet & Bug Bounty Program

3 years ago 173
BOOK THIS SPACE FOR AD
ARTICLE AD

Community Space

Spores Network

Spores’ Marketplace Testnet & Bug Bounty Program

The Spores Testnet is finally here!!!

TESTNET

Our team has been working very hard and we’re excited to finally be able to give our community members a preview of Spores marketplace.

This announcement is also an invitation for you to be a part of our testing phase. Our Testnet will feature the following:

First look at our highly anticipated marketplaceLive features: Auction, Explore, Minting, Connect Wallet, etc.

In addition, as part of Spores’ commitment to ensure that the marketplace is safe and free of bugs for all users involved in our ecosystem, we decide to conduct the Bug Bounty Program for the Testnet: http://testnet.spores.app/ with the total prize pool of up to USD 5,000.

The Bug Bounty Program is designed to not only engage users to find bugs and imperfections but also to encourage our community to protect the work of creators on our marketplace. If there is any bug in our system, please submit the report to us via filling the form: https://spores.link/2Vcvw4w and receive the reward (if qualified).

From now to 23:59, 16th August (UTC)

Types of Bugs

We are looking for these below kinds of bugs on our testnet:

Low Bugs

Open Redirect on Sensitive ParameterImproper Direct Object Reference (IDOR)Open Redirect

Medium Bugs

Authorization flowSQL InjectionAuthorization FlawSensitive Data ExposureServer-Side Request Forgery (SSRF)UI/UX (visual inconsistencies or functional issues)

High Bugs

Remote Code Execution (RCE)Remote File Inclusion (RFI)Significant Authentication Bypass

Out of Scope

In the interest of the safety of our users, unsafe test types such as the following are excluded from scope and not eligible for a reward:

Attacks that the hunter has identified and exploited, leading to damagesDisclosure of Software versionPublicly accessible login panelsEmail SpoofingPhishing attacksSocial engineering attacksPhysical security testsDoS / DDoSPhishingMalicious software/extensionsDisclosure of non-sensitive information, such as product/framework versionID enumeration (such as user, design, folder, etc) without any further impactDisclosure of users information that is publicly availableInsecure cookie settings for non-sensitive cookiesFunctional and spelling mistakesReports based on product/protocol version without a proof of concept of exploiting the vulnerability

Reward Mechanism

For each bug found and successful submission at https://spores.link/2Vcvw4w, you’ll be rewarded tokens based on:

The Severity of Bug (Main Criteria)Quality of description: Higher rewards are paid for clear, well-written submissions.Quality of reproducibility: Please include test code, scripts, and detailed instructions. The easier it is for us to reproduce and verify the vulnerability, the higher the reward.Quality of fix, if included: Higher rewards are paid for submissions with a clear description of how to fix the issue.

Note: Two weeks after the deadline of the program, Spores Network Team will send you a verification confirmation (if qualified).

Prize Structure

Total Prize Pool: $SPO Token Value = $5,000

Low Bug — Total $SPO Token Value = $500*Medium Bug — Total $SPO Token Value = $1500*High Bug — Total $SPO Token Value = $3000*

* Note: All bounty rewards are to be paid within 2 weeks after the bug report is verified by our team. Rewards will be paid in $SPO and the team’s decision is final. The number of Tokens users may receive will be based on the average rate during the bug bounty period

Bug hunting rules

The bug bounty program is an experimental and discretionary rewards program for Spores’ active members to encourage and reward those who are helping to improve the platform. It is not a competition. You should know that we can cancel the program at any time, and awards are at the sole discretion of the Spores Network bug bounty panel. In addition, we are not able to issue awards to individuals who are on sanctions lists or who are in countries on sanctions lists. You are responsible for all taxes. All awards are subject to applicable law. Finally, your testing must not violate any law or compromise any data that is not yours.Testing is only authorized on http://testnet.spores.app/Any/all subdomains not listed above are out of scope. If you believe you’ve identified a vulnerability on a system outside the scope, please reach out to support@spores.com before submitting.Issues that have already been submitted by another user or are already known to spec and client maintainers are not eligible for bounty rewards.Public disclosure of a vulnerability makes it ineligible for a bounty.Spores’ Team members are not eligible for rewards.Spores considers a number of variables in determining rewards. Determinations of eligibility, score, and all terms related to an award are at the sole and final discretion of the Spores Network bug bounty panel.

About Spores
Spores Network founders believe that crypto will lead to decentralization of ownership and frictionless redistribution of capital. Their mission is to create an NFT ecosystem that is creator-centric, community-driven, frictionless, and borderless. To that end, Spores has built a cross-chain DeFi-powered NFT marketplace defining decentralized pop culture, sharing NFT content across gaming, esports, animation/anime, digital fine arts, music, and film/TV. Spores co-founders include Duc Luu (Nasdaq IPOed serial entrepreneur ), Eric Hung Nguyen (former senior investment analyst at a top-10-worldwide hedge fund), and a diverse team of advisors across blockchain and entertainment.

Join our collective. Tell your story. Share our vision, at Spores Official!

Follow us on our Social Media: Twitter | LinkedIn | Facebook |Instagram | Pinterest | YouTube |Chat to us on Telegram or get updates on Telegram Ann

International Telegram Chat groups: Spanish | Portuguese | Russian | Turkish | Japanese | Korean | Chinese | Vietnamese |Filipino

Read Entire Article