The Plisio Bug Bounty Program
Help us find code vulnerabilities and get Bitcoin rewards.
Help Us Find Security Flaws
Plisio is committed to providing a secure environment for its users. While our IT specialists work diligently to identify any potential security issues, it's always possible that some may be missed.
As a result, we have launched a bug bounty program that enables all Plisio users to earn rewards for helping find code vulnerabilities.
Issue Description Quality
Issue Fix Quality, if provided
What Bugs We’re Looking for?
The Plisio bug bounty program applies to all the services offered on our platform. We consider vulnerabilities that could lead to financial loss or data breaches as most severe. Such issues may include, but are not limited to:
Sensitive Data Breach
How to Report a Bug
Find any of the vulnerabilities stated above and compile a report that contains a sufficient proof of concept. For instance, in case of web-related problem, a report should contain:
- HTTP requests/responses with impacted parameters
- Screenshots or videos (if needed)
- Browser info (type), OS, device, and app version
- Description of the potential issue consequences
- Recommendations on how to fix the issue (optional)
Let us know about the bug before publicly sharing it anywhere – it will give us time to evaluate and fix the issue.
State your BTC address for payment.
Use the Plisio PGP Public Key to encrypt your report (link to the right).
Submit your vulnerability reports to: [email protected]
We expect all bug bounty program participants to respect the following responsible disclosure principles:
- Provide us a reasonable amount of time to fix the issue before sharing it elsewhere.
- Do not violate the other users’ privacy (do not interact with individual accounts), damage the platform data, or engage in fraudulent activity towards Plisio or its users.
- Use your own account for purposes that require account access.
- If you unintentionally accessed private data (like access codes), delete it after notifying us first.
- If you were able to access Plisio funds due to a bug, you must return the entire amount to Plisio.
PGP Public Key
Found a Bug? Report It
Let us know as soon as possible when you discover of a potential security issue, and we'll do our best to patch it.
Sign up for free in 2 clicks • Easy setup in 2 minutes • Tech support 24/7