DragonEx has announced a bounty program for hunters who would be rewarded if they find bugs in the exchange’s codes. The announcement was contained in a release issued on November 28. The release highlighted the importance of external developers and researchers in the quest to secure the exchange.
According to the post, the management of the exchange is determined to ensure high level security for all customers’ assets. In view of this, it has earmarked bounty rewards for participants that discover vulnerabilities that could be exploited by hackers.
These were classified as high risk, medium risk and low risk for which the exchange allocated various rewards.
The statement stated that the bounty system would reward vulnerabilities found accordingly:
“High risk: 100-500 DT
Medium risk: 30-100 DT
Low risk: 10-30 DT
Extra 50% bonus for the second report eligible for reward (At least Medium risk)
Extra 75% bonus for the third report eligible for reward (At least Medium risk)
Extra 100% bonus for fourth or more reports eligible for reward (At least Medium risk)”
In its supplementary note, the DragonEx team stated that the rewards would go to the first researcher to identify a verifiable vulnerability and submit a report. It added that subsequent reports submitted by others on the same bug would be replied by correspondence explaining to that the bug has been reported by another bounty hunter.
To avoid misrepresentation of the threat of vulnerability, researchers could send email to the exchange if they felt that the threat posed by a bug was wrongly classified.
A post seen at the DragonEx telegram channel stated,
“Reward distribution will be issued within 1 week after the vulnerability report is verified, which can be viewed in DragonEx Account – Bills; Rewards will be issued in the form of DT, some special reports DragonEx will also provide additional rewards”
Cryptoinfowatch reported that DragonEx was hacked in March. The Singapore-based exchange is poised to prevent another breach of its platform’s security.