Check out the Issue Explorer
Looking to fund some work? You can submit a new Funded Issue here.
# Gitcoin Grants - Smart Contract Bug Bounty
Hello bounty hunters,
Gitcoin Grants is a platform to fund your open source work with recurring payments. We've developed Gitcoin Grants so that OSS Developers can crowdsource funding for the awesome work they are already doing and allow companies to provide more significant recurring funding for contributions on their open source repos.
The task is to find security vulnerabilities in our Subscription smart contract. A security vulnerability is any issue that impacts the well-being of the end-user on the platform. Compensation will not be provided for visual, optmization, or interface issues.
## Application details
The contract can be found at https://github.com/gitcoinco/grants1337/blob/master/Subscription/Subscription.sol. The dependencies are solidity.
Unfotunately, we do not have a truffle test suite written. We need to implement a listener in the main app in order to do so, but hope to have one up soon.
## Severity OWASP model
![Sample OWASP model](https://user-images.githubusercontent.com/23189295/44337157-8c7c0d80-a471-11e8-8231-ca1b113fd791.png)
Payouts are structured according to the severity of the security issue raised. See aforementioned OWASP model for more info.
* Critical - 2.5ETH
* High - 1.75 ETH
* Medium - 1 ETH
* Low - .25-.50 ETH
*We may receive many responses before being able to implement changes, because of this payouts will be for bugs that are unknown to us at the time of notification.*
Please email any findings to email@example.com.