Security is our top priority. The CoinVale cryptocurrency exchange cares about the security of each user. Therefore, we encourage finding vulnerabilities on the exchange and pay rewards for their discovery.
We do not limit the maximum amount of rewards and can increase the reward depending on the severity of the vulnerability. You are more likely to receive an increased reward if you show how the vulnerability can be used to cause maximum harm.
Here is a list of approximate rewards for finding vulnerabilities:
Remote code execution
$5000
Manipulation of user balances
$3000
XSS/CSRF/Clickjacking affecting actions with user balances/trading/exchange/deposit
$2000
Theft of information related to passwords/API keys/personal information
$2000
Partial authentication bypass
$1500
Other vulnerabilities that can lead to financial losses or data leakage
$500
Other CSRF (except CSRF logout)
$500
Rewards will NOT be granted for DDoS, Self-XSS, Spam, Social engineering attacks.
To report it, send us an email; we will contact you as soon as possible and resolve the issue.
Contact Support Send vulnerability to Security