• Home
  • Report vulnerability

Report vulnerability

ByteLixir is a platform that is committed to a better Internet. Making the Internet a safer place is what we strive for. As we are always improving our platform, the security point is our priority. Online safety of our users, clients and business partners is key. So if you know about and want to submit to us an example of abuse on our website, or our network, products, or KYC and AML policies, feel free to report the problem to our support team. We’re interested in resolving security issues as soon as possible.

To benefit our users, we have designed a project aimed at collecting vulnerabilities. For each security issue found, users get rewarded with a set sum of money. Below you can read about our project in detail.

You can report any bugs found on: ByteLixir website https://bytelixir.com
ByteLixir application (Windows, Android, MacOS + Docker (Linux, x86, arm/Raspberry pi).

Report vulnerability

Rewards

The rewarding includes 3 plans: basic, high-impact, and critical, with $100, $300, and $600 rewards, accordingly. We reserve the right to vary the rewarding sum for other security vulnerabilities.

  • Basic $100
    • Web-based issues: scripting at the cross-site level
    • Web-based issues: XSRF Clickjacking aka user interface redress attack
    • Authentication or authorization bugs
    • Misconfigurations concerning either the production server or the customer software
  • High-impact $300
    • Distant execution of the code execution
    • Data collection on the side of a production server
    • Access control which may enable someone to view or exercise control of another customer's account
    • Access control that may expose sensitive and personally identifiable data
  • Critical $600
    • Distant execution of the code execution on the production server
    • Important authorization bypass related to the production server that contains crucial data
Please note

Please note

We do not reward UI/UX bugs as they are not considered security vulnerabilities. However, if the website or application design novelty has a high security impact on users or clients, feel free to submit a report.

Important questions

  • Which language do I report issues in?

    We accept reports in English.

  • Are minors allowed to participate in the ByteLixir vulnerability reward project?

    If you are under 18, you’re allowed to participate in our reward project. If you’re under 12, you will need to claim your bounties through your parent or legal guardian, according to the Children’s Online Privacy Protection Act which restricts our ability to collect personal information from children.

  • What currency do I get paid in?

    Payments are made in U.S. dollars (USD). Any taxes of your reward become your responsibility as they are set by the legislature of your country/state.

  • What happens if I don’t claim my reward?

    Any reward unclaimed within 2 months gets canceled.

The site uses Cookies. We ask your permission to place Cookies in your browser. For more information, please read our Cookies Policy. This tool uses Cookies and will remember your choice. If you agree with the Policy, click "I agree". If you do not agree with the Policy, press "I do not agree" (however in this case some features of the site may be unavailable).

I do not agree