This bug bounty program is focused on Tensor smart contracts and web/app and is focused on preventing the following impacts.
Thefts and freezing of NFTs of any amount
Thefts and freezing of SOL of any amount
<aside> ℹ️ We reserve the right to award bug bounties at our discretion.
</aside>
All other smart contract vulnerabilities will be decided on a case by case basis with a focus on user impact.
For severity level classification of all other vulnerabilities for apps & services, we will use NIST’s CVSS V3 calculator and the following table:
| Severity | CVSS Score Range |
|---|---|
| Low | 0.1 - 3.9 |
| Medium | 4.0 - 6.9 |
| High | 7.0 - 8.9 |
| Critical | 9.0 - 10.0 |
The following vulnerabilities are excluded from this bug bounty program: