Bug Bounty

Search…

Bug Bounty

Whitehack2earn (h2e). Use your skills for the good of web3. Make the world a better and get profit.

At Envelop, we classify bugs on a widely used scale. For version 1 of the protocol, we identify the following directions of attack:Critical
Blocking to user unwrapping of wNFT and getting collateral
User`s funds losing during wrapping or adding collateral
Withdrawing tokens of collateral without unwrapping of own or someone else's wNFT
Withdrawing original NFT without unwrapping of own or someone else's wNFT
Getting collateral tokens during unwrapping of wNFT more than was added in it
Increasing amount of collateral tokens in accounting registers of smart contracts
Decreasing amount of collateral tokens in accounting registers of smart contracts
Changing owner of smart contracts
Withdrawing native tokens from smart contracts addresses of protocol
Withdrawing ERC20 tokens from smart contracts addresses of protocol
Withdrawing ERC721 or ERC1155 tokens from smart contracts addresses of protocol
High
Unauthorized Adding address of smart contract in whiteList
Unauthorized Adding address of smart contract in blackList
Medium
Unbounded gas consumption
Increasing of gas consumption with every next operation
Blocking possibility to wrap NFT
Blocking possibility to add collateral to wNFT
Low
Creation of conditions to get-methods return wrong data
Level
Rewards, wNFT with NIFTSY as collateral
Time-lock, week
Critical
1 000 000
36
High
200 000
12
Medium
40 000
4
Low
10 000
1

Bounty - Previous

Approximate (maximum) activity estimates

Next - Legal

Legal FAQ

Last modified 3mo ago

Copy link