LogoLogo
  • Envelop (NIFTSY) documentation
  • Documents
    • Key terms
    • F.A.Q.
    • White paper
      • Disclaimers
      • Introduction
      • Key terms
      • Industry (market) analysis and NIFTSY's place in it
        • Figures and facts
        • Possible implementations of Envelop
      • Protocol. Oracle. Index
        • Protocol
          • NFT as a new order ETF and a brief history of NIFTSY
        • Oracle
        • Index
      • The architecture of the Project and the role of the Token
        • DAO. Token. IDO
        • The token as a linking element in the project
        • IDO (Initial DAO offering)
      • Roadmap. Part. #01
      • Roadmap. Part #02
      • Conclusion
      • List of references
    • Lite paper
      • Abstract
      • Disclaimers
      • Market challenges - our solutions
      • The main hypostases and parts of the Project
      • Development strategy and market coverage
      • Additions
    • White paper (Spanish)
      • Descargo de responsabilidad
      • Introducción
      • Términos clave
      • Análisis de la industria (mercado) y el lugar de NIFTSY en el
        • Figuras y hechos
        • Posibles implementaciones de NIFTSY
      • Protocolo. Oráculo. Índice
        • Protocolo
        • NFTs como un nuevo de EFT y una breve historia de NIFTS
        • Oraculo
        • Índice
        • Untitled
      • La arquitectura del proyecto y el rol del token
        • DAO. Token. IDO
        • El token como un elemento vinculante en el proyecto
        • IDO
      • Mapa de ruta
      • Conclusiones
      • Lista de referencias
    • Lite paper (Spanish)
      • Abstracto
      • Descargo de responsabilidad
      • Los desafíos del mercado y nuestras soluciones
      • La hipótesis principal y partes del proyecto
      • Estrategia de desarrollo y cobertura de mercado
      • Adiciones
    • White paper (BAHASA INDONESIA)
      • PENAFIAN
      • PENGANTAR
      • ​KATA KUNCI
      • ANALISIS INDUSTRI (PASAR)) DAN KEDUDUKAN niftsy DI DALAMNYA
      • Angka dan Fakta
      • Kemungkinan implementasi NIFTSY
      • PROTOKOL. ORACLE. INDEKS
        • Protokol
        • Oracle
        • Indeks
      • ARSITEKTUR PROYEK DAN PERAN TOKEN
      • DAO. Token. IDO
      • Token sebagai elemen penghubung dalam proyek
      • IDO
      • ROADMAP
      • KESIMPULAN
      • DAFTAR REFERENSI
    • LITE PAPER (BAHASA INDONESIA)
      • Abstrak
      • Penafian
      • Tantangan pasar - solusi kami
      • Hipotesis utama dan bagian dari Proyek
      • Strategi pengembangan dan cakupan pasar
      • Tambahan
    • Tokenomics
      • General provisions
      • Links
  • Technical documentation
    • URLs of dAPPs
    • Technical paper
      • Introduction
      • Protocol
      • Oracle
      • Index
      • Stack
      • Conclusion
    • Smart-contracts
      • Deployment addresses v2
      • Deployment addresses v1
      • Deployment addresses v0
      • Security and smart contracts
      • Contract NiftsyERC20.sol
      • Protocol
        • V0
          • Audit
          • Contracts
            • WrapperWithERC20Collateral (V.0)
            • WrapperDistributor721.sol
            • WrapperFarming.sol
        • V1
          • Audit
          • Contracts
            • WrapperV1
            • AdvancedWhiteList.sol
            • EnvelopwNFT721
            • EnvelopwNFT1155
            • Saft
            • SBT smart-contract Factory
          • Gas measurements for Protocol version 1
      • Launchpad
        • V0
          • Launchpad.sol
        • V1
          • NFTKiosk.sol
          • DefaultPriceModel.sol
      • Subscription service
      • Factory (smart-contracts) minting
      • P2P NFT/wNFT trading service
    • Envelop dApps Troubleshooting
  • Tutorials
    • Introduction to tutorials
    • dApps
      • Minting
        • Version 0
          • Release notes
          • Instruction
          • Video
        • Version 1.1
          • Release notes
          • Instruction
          • Video
      • Main app
        • Version 0
          • Release notes
          • Instruction
          • Aptos instruction
          • Video
        • Version 1.0
          • Release notes
          • Instruction
        • Version 1.1
          • Release notes
          • Instruction
          • Video
      • Cross-NFT
        • Version 0
          • Release notes
          • Instruction
          • Video
      • Launchpad (wINO)
        • Version 0
          • Release notes
          • Instruction
          • Video
        • Version 1
          • Release notes
          • Instruction
            • NFT trading
            • ERC20 tokens trading
          • Video
      • Farming
        • Version 0
          • Release notes
          • Instruction
      • SAFT wNFT
        • Version 0
          • Release notices
          • Instruction
          • Video
        • Version 1.0
          • Release notices
          • Insctruction
          • Video
        • Version 1.1
          • Release notices
          • Insctruction
          • Video
    • Oracle
      • Version 0
        • Release notices
      • Version 1
        • Release notices
    • Subscription service
      • Version 0
        • Release notes
      • Version 1
        • Release notes
    • Metamask settings for different networks
    • How to wrap your NFT
    • How to make SAFT wNFT
    • How to unwrap your wNFT
    • How to mint Soulbound tokens with Envelop
    • How to use Wrapper from Safe Gnosis
    • Video tutorials
  • Bounty
    • Bounty FAQ
    • General conditions
    • Bounty rules
    • Approximate (maximum) activity estimates
    • Bug Bounty
  • Legal
    • Privacy-policy
    • Legal FAQ
    • DAO
    • Archive
      • Licence
  • ARHIVE
    • Archive tutorials
      • Wrap NFT
    • Others
      • Marketplace (Scotch.sale)
      • How do I buy on DEXs?
        • Uniswap
        • PancakeSwap
        • QuickSwap
Powered by GitBook
LogoLogo

Links:

  • envelop.is
  • daoenvelop.eth

dApps:

  • app.envelop.is
  • crossing

Soc. nets:

  • blog
  • youtube
On this page

Was this helpful?

  1. Bounty

Bug Bounty

Whitehack2earn (h2e). Use your skills for the good of web3. Make the world a better and get profit.

PreviousApproximate (maximum) activity estimatesNextPrivacy-policy

Last updated 1 year ago

Was this helpful?

***

Reporting .

***

Already 780,000 NIFTSY tokens have been paid out for bugs found

***

Tested directions of the applications:

  • operation of each implemented functionality

  • interaction with crypto wallets

  • dAapps interaction with backend

Prerequisites:

  • testing and troubleshooting to perform in Chrome, Firefox browsers?

  • Metamask transaction wallet

List of applications to search for bugs:

***

Frontend levels of bug severity:

  • Blocker (S1). Such an error makes it impossible to proceed with using or testing the software. There aren't any ways to work around it.

  • Critical (S2). It is an incorrect functioning of a particular area of business-critical software functionality. There is an alternative way to work around it.

  • Major (S3). An error has a significant impact on an application, but other inputs and parts of the system remain functional, so you can still use it. At the same time, there is more than one entry point to initiate the desired functionality

  • Minor (S4). A defect is confusing or causes undesirable behavior but doesn’t affect user experience significantly. Many UI/UX bugs belong here.

  • Low/Trivial (S5). A bug doesn’t affect the functionality or isn’t evident. It can be a problem with third-party apps, grammar or spelling mistakes, etc.

***

Level
Rewards (wNFT with NIFTSY as collateral )
Time-lock (Weeks)

S1

150 000

40

S2

50 000

20

S3

20 000

10

S4

7 000

4

S5

2 000

2

***

At Envelop, we classify bugs on a widely used scale. For version 1 of the protocol, we identify the following directions of attack:

Critical

  • Blocking to user unwrapping of wNFT and getting collateral

  • User`s funds losing during wrapping or adding collateral

  • Withdrawing tokens of collateral without unwrapping of own or someone else's wNFT

  • Withdrawing original NFT without unwrapping of own or someone else's wNFT

  • Getting collateral tokens during unwrapping of wNFT more than was added in it

  • Increasing amount of collateral tokens in accounting registers of smart contracts

  • Decreasing amount of collateral tokens in accounting registers of smart contracts

  • Changing owner of smart contracts

  • Withdrawing native tokens from smart contracts addresses of protocol

  • Withdrawing ERC20 tokens from smart contracts addresses of protocol

  • Withdrawing ERC721 or ERC1155 tokens from smart contracts addresses of protocol

High

  • Unauthorized Adding address of smart contract in whiteList

  • Unauthorized Adding address of smart contract in blackList

Medium

  • Unbounded gas consumption

  • Increasing of gas consumption with every next operation

  • Blocking possibility to wrap NFT

  • Blocking possibility to add collateral to wNFT

Low

  • Creation of conditions to get-methods return wrong data

Level
Rewards, wNFT with NIFTSY as collateral
Time-lock, week

Critical

1 000 000

40

High

400 000

20

Medium

100 000

10

Low

25 000

4

form
https://appv1.envelop.is/list
https://appv1.envelop.is/mint/
https://appv1.envelop.is/saft