openANX Bug Bounty Program

No More Bugs!

We are starting our bug bounty program for all contracts and software relevant for our upcoming token launch. Read more about our Token launch mechanics here <>

Major bugs will be rewarded up to 5000 OAX tokens. Much higher rewards are possible (up to 10000 OAX tokens) in case of very severe vulnerabilities. The bounty program will be capped at 50000 OAX tokens.

Most of the rules on apply. For example: First come, first serve. Issues that have already been submitted by another user or are already known (such as these) to the team are not eligible for bounty rewards.

Scope of Bug Bounty Program

Within scope:

Examples of what’s in scope

  • Being able to obtain more tokens (OAX) than expected
  • Being able to obtain OAX from someone without their permission
  • Bugs that allow the owner to lose control of the smart contract during the token sale period
  • Bugs causing a transaction to be sent that was different from what a user confirmed: for example, a user transfers 10 OAX but exactly 10 wasn’t transferred.

Submission deadline

The bug bounty ends on the 21st June, 2017.

Responsible Disclosure Policy

If you comply with the policies below when reporting a security issue to us, we will not initiate a lawsuit or law enforcement investigation against you in response to your report.

We ask that:

  • You give us reasonable time to investigate and mitigate an issue you report before making public any information about the report or sharing such information with others.
  • You make a good faith effort to avoid privacy violations and disruptions to others, including (but not limited to) destruction of data and interruption or degradation of our services.
  • You do not exploit a security issue you discover for any reason. (This includes demonstrating additional risk, such as attempted compromise of sensitive company data or probing for additional issues.)
  • You do not violate any other applicable laws or regulations.


Email your submissions to:

Don’t forget to include your ETH address so you can be rewarded (If more than one address is specified, only one will be used at the discretion of the bounty program administrators).

Anonymous submissions welcome.

For questions use the slack here

Credits: This bounty program borrowed heavily from the gnosis bounty program design.




OAX is a new, decentralized, digital asset ecosystem initiative run by the “The OAX Foundation Limited”. Go to to learn more.

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


OAX is a new, decentralized, digital asset ecosystem initiative run by the “The OAX Foundation Limited”. Go to to learn more.

More from Medium

SafeGram is excited to announce a strategic partnership with Skynet Trading!

5 Best DApp Browsers for Your Android and iOS Devices — UniFarm

HODL Games Enables Crypto Payments On 3 Games, Re-Invests Profits Into $HODL

How to use Zeus Network to quickly build your own DAPP?