Bug Bounty

Do not PM team members on Telegram.

As the whole Earneo ecosystem integrated itself and as we continue to grow we expect that with that growth, issues will arise. In order to encourage the community to identify, report, and assist in solving these issues, we are announcing an official bug bounty program.

For each issue, our team will investigate, and if the issue is genuine, Earneo will reward the Bug Bounty hunter, depending on the severity of the issue, the level of details provided for each issue, and the assistance provided in finding a solution to them.

The reward will be either in RNO token, our Stablecoin. You found it, you choose it!

Reward

  • Non-damaging, cosmetic & front-end: $5
  • Low severity (without solution): $5
  • Low severity (with solution): $10
  • Medium severity (without solution): $10
  • Medium severity (with solution): $20
  • High severity (without solution): $20
  • High severity (with solution): $40
  • Critical severity (without solution): $40
  • Critical severity (with solution): $80

  • We are interested in issues that affect Earneo.tube. Issues that affect the website Earneo.io will also be considered, but are likely to be of low severity.


    Eligibility

    Eligibility and classification of submissions is wholly at the discretion of Earneo.


    In order to make a submission, you must email bugs@earneo.io, with a description of the issue (with as much detail as possible, including steps required to reproduce it), and a suggested solution (if available).

    We will accept a solution if it solves the issue, or contributes significantly to a solution. One reward per bug is available, and only the first eligible submission for each will receive a reward. Issues that are contingent on physical attack, social engineering, spamming, DDOS attack, etc. are not classed as bugs and will not be eligible.

    Please do not DM or email team members directly.


    If you do so, we may not see your submission.

    Note that if a submission becomes public, or is publicly reported before being fixed, then the submitter will be disqualified from any reward. Eligibility is also contingent on responsible investigation and reporting. Investigations that are pursued by means of exploitation, denial of service (DDoS), disruption to our operations, or any other action that could be construed as an attack, will not be eligible for a reward.