No funded issue found.
Check out the
Issue Explorer Be the OSS Funding you wish to see in the world.
Looking to fund some work? You can submit a new Funded Issue
Workers Auto Approve
Coinvest V3 Token and Investment Contracts Bug Bounty
Solidity, Ethereum, Bug, Security, Bounty
### Coinvest has opened our V3 token and Investment contracts bug bounty! ###
### Details ###
Our [readme](https://github.com/CoinvestHQ/COIN/blob/master/README.md) has details on the operation of the contract. Please review that before posting any bounties.
### Contracts ###
The contracts in scope are:
### Additional Intended Behavior ###
The COIN token is based on the ERC865 standard. This allows users to pay gas using COIN instead of ether when the transaction is sent through a delegate.
The previous version of the COIN token had a transaction malleability error stemming from using signatures as unique identifiers so keep an eye on this contract!
There is also a TokenSwap contract created in order to allow for the exchange of COIN V1 and COIN V2 to COIN V3. V1 is an ERC223 token, V2 is our old ERC865, and V3 is our new ERC865.
Investment, UserData, and Bank:
These contracts form an investment system that allows users to purchase and sell singular and indexed assets at market price. When a user purchases, CryptoCompare is queried through Oraclize for the current price of the asset, then funds are transferred from the user to the bank for safe-keeping.
UserData is then modified on a successful purchase and will keep track of all user holdings.
Buys and sells must be able to be made using COIN, must be able to be made using our token's pre-signed system, and must be able to exchange COIN for CASH or vice versa (to name a few requirements). CASH is a stablecoin element of our system that is not yet being launched, so for now we also need to be sure no vulnerabilities come from NOT having CASH.
The pre-audit version of this contract had a bug related to how the CryptoCompare API returns results so make sure to examine all parts of the system.
### Rewards ###
Critical: 15 ETH
A critical bug is a bug that will enable stealing of funds, major loss of funds, or permanent disablement of a contract.
Major: 5 ETH
A major bug significantly affects the ability of the contract to operate. These would include ERC incompatibilities (ERC865 not applicable because of its lack of maturity) and certain functions being unable to operate.
Minor: 1 ETH
Minor bugs entail an issue regarding the contract not operating as it was designed, but in a non-threatening manner.
### Contact Info ###
Please submit any bugs to email@example.com bugs should be e-mailed to us, not submitted as an issue. The Token Bug Bounty will end on 11/4/18 and the Investment Contracts Bug Bounty will continue indefinitely. All rewards are issued at the sole discretion of the Coinvest team.
Setup your profile
Tell us a little about you:
No results found for
Type to search skills..
Required [[totalcharacter]] / 240
Are you currently looking for work?
[[ option.string ]]
Setup your profile
Our tools are based on the principles of earn (💰), learn (📖), and meet (💬).
Select the ones you are interested in. You can change it later in your settings.
I'm also an organization manager looking for a great community.
Enable your organization profile
Gitcoin products can help grow community around your brand. Create your tribe, events, and incentivize your community with bounties. Announce new and upcoming events using townsquare. Find top-quality hackers and fund them to work with you on a grant.
These are the organizations you own. If you don't see your organization here please be sure that information is public on your GitHub profile. Gitcoin will sync this information for you.
Select the products you are interested in:
Out of the box you will receive Tribes Lite for your organization. Please provide us with a contact email: