image Bug Bounty Program - Delta Exchange

For any queries, email us at [email protected]

Sign up &

Start trading in minutes

Already a user? Sign In

By clicking “Register” above, you agree to our Terms of Use and Privacy statement. We’ll occasionally send you account related emails.

Bug Bounty Program - Delta Exchange

We run a Bug Bounty Program to reward external contributors that bring security vulnerabilities to our attention. The details on how the program works are available below.

 

Responsible Disclosure Policy

You disclose responsibly if you:

 

Bounty Rules

If in doubt, please email us at [email protected]

 

Services in Scope

Services provided on the following domains by Delta Exchange are eligible for our Bug Bounty Program: www.delta.exchange and all Delta Exchange APIs in production. Services provided on independent (sub)domains like testnet.delta.exchange and docs.delta.exchange are not included in the bounty program, though Delta Exchange could give bounties at its sole discretion also for reports on subdomains.

 

Qualifying Bugs

Any design or implementation issue that could result in substantial financial loss, data breach, or service degradation is within scope including, but not limited to:

 

Non-Qualifying Bugs

Depending on their impact, some disclosures may not qualify. Vulnerabilities in the following areas are examples of common exclusions:

 

Other Exclusions

 

Reward Guidelines

The following guidelines give you an idea of what we usually pay out for different classes of bugs – for all things not listed below, this program follows the Bugcrowd VRT (https://bugcrowd.com/vulnerability-rating-taxonomy) for prioritizing issues.

Priority Minimum Payout Maximum Payout
P1 $1000 $5000
P2 $800 $1500
P3 $200 $400
P4 $50 $150
P5 $0 $0