Bug Bounty Program – BTC-Lottery.io
At BTC-Lottery.io, the security of our users, platform, and smart contracts is our top priority. We invite ethical hackers, developers, and researchers to help us keep the platform safe by responsibly disclosing any security vulnerabilities.
Program Objective
The goal of this bug bounty program is to identify and resolve potential vulnerabilities before they can be exploited. Your responsible disclosure will directly contribute to the trust, safety, and transparency of our decentralized lottery system.
Scope
In-Scope Components:
- btc-lottery.io frontend and user account system
- USDT (TRC20) wallet interactions
- Smart contracts handling:
- Ticket generation
- Result validation
- Payout processing
- Lottery result logic based on BTC block hash
Out-of-Scope (but welcomed for feedback):
- Third-party services (e.g. wallet providers, CDN)
- Social engineering attempts
- DDoS attacks
- Bugs that require root/jailbroken devices or physical access
Reward Structure
We offer rewards based on the severity of the vulnerability and the quality of the report:
| Severity | Reward Range (USDT) |
|---|---|
| Critical | $2,000 – $10,000 |
| High | $500 – $2,000 |
| Medium | $100 – $500 |
| Low | $25 – $100 |
Final reward is determined at the discretion of our security team based on impact and exploitability.
Submission Guidelines
Please include:
- A detailed explanation of the issue
- Step-by-step reproduction steps
- Screenshots, videos, or code if applicable
- Suggested mitigation (optional but appreciated)
Submit reports to: [email protected]
We aim to respond within 72 hours and resolve valid issues within 7–14 business days.
Rules
- Do not exploit vulnerabilities beyond what is necessary to prove the issue
- Do not access, modify, or delete user data
- Do not publicly disclose the vulnerability before it's resolved
- Do not attempt phishing or use social engineering
Recognition
Top contributors may be publicly acknowledged (with consent) on our Hall of Fame page and may receive early access to platform features or bounty program updates.
Thank You
Your efforts help us build a stronger, safer, and more transparent blockchain lottery experience for users around the world.