Liminal secures FSP license from FSRA in ADGM   Read more

Calling all white-hat hackers and testers to join our bug-bounty program

Introducing a Bug-Bounty program for our Vaults app, API calls and prod keys to plug the errors immediately and create a hack-proof infrastructure. We aim to promote responsible disclosure of security vulnerabilities through this program

Sr No.

Researcher Name

Vulnerability Name

Profile

1

Riya Lakhara

Missing HSTS Header

2

Prathamesh B. Vilayatkar

Information Disclosure

3

Chinmay Tare

Broken Link Hijacking

4

Muhammad Qasim Riaz

Click Jacking

5

Raju Basak

Text Based Injection

6

Abdul Haq Khokhar

Authentication Bypass

Target sites to conduct your tests and follow the policies to report the bugs

Out-of-scope parameters

Green tick Icon

Any targets besides the one mentioned in the target list

Green tick Icon

All third-party applications used at Liminal

Green tick Icon

Liminal marketing website liminalcustody.com

Note: Breaching any program policies may lead to legal consequences for the violator

Check out all the crucial rules to follow before you begin testing our infrastructure

Assess security impact by checking for the following scope of vulnerabilities in one attack scenario

Qualifying Vulnerabilities

Non-Qualifying vulnerabilities

Bigger the bug, bigger the cash reward

The security team assesses bug severity and rewards accordingly. All code changes earn a spot in the Hall of Fame, but more severe changes may also receive cash rewards

Reward Thresholds

Severity Level

Reward

Low-Medium

HoF to $100

Medium

$100 to $300

Medium-High

$300 to $500

High

$500 to $1000

Sign up for our bug-bounty program if you are keen on finding vulnerabilities in wallets and wish to earn handsome rewards at the same time