Reporting Security Vulnerabilities

You are welcome to report any vulnerability online via VelcomEx Security Response Center. Please do not disclose the vulnerability until it is resolved. We promise every report will be evaluated, followed up, and responded by a dedicated team. All white-hats who contribute to accepted reports will be given rewards.

Risk Levels and Rewards
Risk Level Description Reward
SeriousSerious Loopholes in core business systems that endanger the security of user's assets and data. 8-10 ETH
HighHigh Unauthorized operation, serious SQL injection, loopholes that could causelarge-scale impact to users, source code leakage, etc. 5-8 ETH
MediumMedium Loopholes that could affect some users, alteration of user data, etc. 2-5 ETH
LowLow Regular CSRF, SMS bombs, normal data leakage, etc. 1-2 ETH
Introducing VelcomEx Security Response Center

VelcomEx Security Response Center wishes to create a more secure and stable digital asset exchange together with all users and white-hats. We welcome everyone to report any vulnerability found on VelcomEx app, helping us improve the security of our products and businesses. Our dedicated team will take immediate actions to follow up and inform you the results in time. We will also offer you digital asset rewards according to the risk level of your reported vulnerabilities as a gesture of appreciation.

Install VelcomEx App