Security is a top priority for us, and we take it very seriously. We put a lot of effort into our trading platform, infrastructure, and processes to ensure that CoinAmount is safe and secure for our customers. We also put a lot of effort into ensuring the security of our customer�s data. However, in case you are able to discover any security vulnerability, we would appreciate your help in responsibly reporting the issue to us so that we can investigate and address it as soon as possible.
We will award an amount in one of our listed assets on a case-by-case basis depending on the severity of the issue. Please note that we only award one bounty per bug.
Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue.
Please provide us with a reasonable amount of time to resolve the issue before any disclosure to the public or third-party.
Do not violate customer privacy, destroy data, disrupt or degrade our service. Only interact with accounts you own or with explicit, written permission of the account holder that you can provide to CoinAmount. Otherwise, your actions may be interpreted as an attack rather than an effort to be helpful.
Please provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.
Submit one vulnerability per report, unless you need to chain vulnerabilities to provide impact.
Any design or implementation issue that results in the loss/compromise of data or money for CoinAmount or any of its customers.
The most common examples are:
We cannot reward bounties for issues that are outside of our direct control, such as:
Submit your issue report through our support page. Submissions must be made in English.
Try to include as much information in your report as you can, including a description of the issue, its potential impact, and steps for reproducing it or proof of concept.
Prior to claiming your reward, CoinAmount will complete an ID verification check