Responsible Disclosure

NovaDAX is committed to providing a safe and efficient trading environment and always considers the security of users as the first priority. Therefore, NovaDAX recognizes the importance and value of security researchers’ efforts in helping keep our community safe and encourages responsible disclosure of security vulnerabilities via our bug bounty program (“Bug Bounty Program”) described on this page.

If you discover a bug or potential security risk, Please contact us by email support@novadax.com.

Scope

Our responsible disclosure program covers all our products and services under our direct control:

  • com.br
  • com
  • Android: Play Store NovaDAX app
  • iOS: App Store NovaDAX app

Examples of issues that are eligible for rewards:

  • User Account Security
  • Theft of Funds
  • Sensitive Data Exposure
  • Broken Trading Functions

Examples of issues that are ineligible for rewards:

  • Issues already known to us
  • Issues with no (real) security impact (eg: font, image in the site)
  • Features suspended due to upgrade
  • Social engineering
  • Physical security

Reward and how to report an issue

Please send an e-mail to support@novadax.com with a proof of concept explaining the issue(s) you found.

We will review your submission in 2 weeks after receiving it. The reward is based on the severity of the vulnerability or creativity of the exploitation.

Compartilhar

Leave Comment

O seu endereço de e-mail não será publicado. Campos obrigatórios são marcados com *

Pular para a barra de ferramentas