BUG BOUNTY

Introduction

ZV Chain is a high performance, secure, and efficient decentralized distributed application platform. Based on an original VRF+BLS-based consensus algorithm Chiron achieves high performance and low power consumption while ensuring decentralization and high security.

In order to identify possible system security risks of ZV Chain as early as possible, the ZV Foundation will begin a bug reward scheme for all contracts and software related to the upcoming launch ZV Chain main net.

Major bug fixes will be awarded up to $2,500 (USDT). If you find serious defects, the bonus can be up to $5,000.

Scope of Bugs

Our Bug Bounty program covers all code related to the ZV chain network and coins.

This includes all the code covered by the following links:

https://github.com/zvchain/zvchain

Rules & Rewards

• Since the announcement of this news, the Bug Bounty Program has started.

• All valid bug reports will be rewarded. The Bug Bounty Program will continue even after the token is released.

• We will use OWASP risk analysis theory to determine the severity of bugs related to ZV Chain tokens. For example:

-- Critical, A bug that can be used to generate a large number of tokens out of thin air to affect the system's monetary system.

-- High, Find a way for a user to use a token that exceeds their own.

• Please note that the quality of the bug submission will affect the level of the reward. A high-quality commit includes an introduction to how to reproduce the bug, a test case that will lead to failure, and a method to fix the test case.

• High quality submissions may result in more than the above explicit rewards.

• Please note that all rewards will be paid using USDT, and code auditors who have been employed by ZV Chain will not be rewarded.

How to Report

To get involved in ZV Bug Bounty Program, please visit

https://slowmist.io/zvchain/

Or you can send the question to: dev@ zvchain.io

We also welcome anonymous submissions, please let us know the digital currency wallet address to receive the rewards.

If you have any questions about the Bounty Program, you can refer to the Ethereum Foundation Bug Bounty Program, and most of the terms will apply as similar.

Legal statement

If you are following the stated requirements as below when solving about our security issues, we will not sue or conduct a legally compulsory investigation of your report.

Our Requirements:

• Before you disclose any information about this issue publicly, provide us with a reasonable and sufficient time to investigate and resolve the issue.

• You will do your utmost to avoid infringing on the privacy and influence of others, including (but not limited to) destroying data, disrupting or worsening our services. You will exploit the security holes you find for any reason. (This includes proving other risks, such as trying to invade company sensitive information or looking for more vulnerabilities.)

• You will not exploit the security holes you find for any malicious reason. (This includes proving other risks, such as trying to invade company sensitive information or looking for more vulnerabilities.)