🍰DEGENWIN BUG BOUNTY PROGRAM
Get up to 300,000 USD
Degenwin provides public bounties for exposing vulnerabilities and bugs. What does this mean? As you know, we are constantly improving our platform to keep it running as efficiently and smoothly as possible. In addition, the Degenwin community is really huge - we have many hackers, security engineers, and experienced, observant players among us. This means that together we can make the platform better and defeat all bugs.
Anyone who helps to correct bugs will receive a huge reward - up to 300,000 USD (in DGW)! Find a vulnerability or a bug and report it. We’ll be happy to investigate and fix it and you’ll get the reward.
Cases for Bug Bounty on Degenwin
Hot wallet accessibility - up to 300,000 USD (in DGW)
Vulnerabilities that allow withdrawal of funds from hot wallets.
Account penetration - up to 100,000 USD (in DGW)
Technical vulnerabilities that allow access to someone’s account.
Balance manipulation - up to 50,000 USD (in DGW)
Vulnerabilities that allow manipulation of user balances.
Original game bugs/exploits - up to 50,000 USD (in DGW)
House edge bugs or vulnerabilities in Original games that allow winning consistently.
Server vulnerability - up to 50,000 USD (in DGW)
DDoS attack on the platform that leads to its partial or total incapacity.
Platform’s bonuses abuse - up to 50,000 USD (in DGW)
Issues with Cashback, Referral bonuses, etc.
Bugs/exploits in the Integrated games (Slots, Live, Table, and Sportsbook) - up to 20,000 USD (in DGW)
Bugs in games from different providers that allow winning consistently.
Medium functional bugs - up to 1,000 USD (in DGW)
Functional defects of the platform that do not concern layout, text typos, and other visual defects.
⚠️ The size of the reward in any of the foregoing cases depends on the severity of the vulnerability, which is determined by our team during testing.
Degenwin Bug Bounty report flow
If you find a bug, exploit, or vulnerability, please report this to info@degenwin.app. Describe the bug in detail with steps to reproduce and a full description. Also, show the result of using this bug/exploit/vulnerability.
Here are details of the procedure and important points of the Degenwin report flow:
You must not share the information about the bug/exploit/vulnerability on the internet, be it a community or forum, etc.
The first response time from Degenwin can take up to 3 days.
We check all points of your report within 1 week after the first response. After that, we notify you about the test results.
If the bug is confirmed and reproduced, we try to quickly resolve the bug/exploit/vulnerability within 2 weeks after the first vulnerability was confirmed.
If the bug is not confirmed and reproduced or is already known, the Degenwin team closes the case with no reward.
Degenwin is obligated to pay the reward immediately after the bug/exploit/vulnerability is fixed.
⚠️ If you have found a critical bug, Degenwin asks you to duplicate the report in the Live Support chat for a faster response to the problem.
Report Closure
Degenwin verifies all results reported through our Bug Bounty program. Each report is reviewed and evaluated to ensure credibility. If the description in the report is not clear, we request additional information from the reporter. After aggregating all the information, the presentation of the report goes through an internal review and evaluation process. Once the internal review process is complete, all bugs that are not reproducible, invalid, or uninformative will be closed.
⚠️ The investigator must provide detailed information and supporting evidence to all reports. Failure to provide a detailed report will result in delayed sorting and/or closure of tickets.
⚠️ If a user discovers a vulnerability, he should not use it. We ask the researcher to give us a reasonable opportunity to resolve the issue before making it public.
Submit a detailed description of the problem and the steps you think might be needed to reproduce what you’ve observed. Please, do your best to protect the privacy, confidentiality, and integrity of the users' data. The privacy of our community is extremely important and we greatly appreciate your help in maintaining it. Please understand that we cannot work with anyone who violates relevant laws or regulations, attempts to exploit a security issue, or access other users' data.
Thank you for your cooperation!
Last updated