Torus Documentation
Torus Documentation
Home
Blog
Overview
Getting Started
DirectAuth
Quick Start
What is DirectAuth?
Integrating DirectAuth
Supported Verifiers/Logins
Setting Up Verifiers/Logins
Compatibility and Common Patterns
Linking Accounts
Integration Guidelines
Redirects & Service Workers
Examples
FAQ
Torus Wallet
Quick Start
Changelog
Features
API Reference
Developing with Torus Wallet
FAQ
Integration Examples
How Torus Works
Overview and Architecture
Role of Torus Nodes
Key Generation and Resharing
Logins, Key Assignments and Retrievals
Torus Wallet
Proxy Verifiers
DKG Specification
Audits
Legal
Terms and Conditions
Privacy Policy
Cookie Policy
Contact
Bug Bounty
Powered by GitBook

Bug Bounty

We have an ongoing bug bounty program for security-related bugs that compromise key security. This is generally only applicable for https://app.tor.us.

The tiers are as follows:

  • Critical ($5,000) - Bugs that allow theft of user keys under normal operating conditions

    • Eg. Ability to access private key from the dapp JS context

  • High ($2,500) - Bugs that restrict user access to keys, cause loss of funds, system failure, or theft of user keys under restricted operating conditions.

    • Eg. Ability to reset a user's account to a new private key so they are unable to access their funds

  • Medium ($500) - Bugs that affect user access, cause service downtime, or affect usability of the system

    • Eg. Restricting logins for users so they are unable to access their wallet at certain times

  • Low ($200) - Bugs that do not directly compromise security but have the potential to affect users adversely and cause loss of funds

    • Eg. Spoofing authentication emails, presenting wrong information on the wallet

In order to ensure that your bug report is valid and has not already been reported, please reach out to hello@tor.us directly.

Legal - Previous
Cookie Policy
Last updated 5 months ago
Edit on GitHub