=== GLOBALMONERO Bug Bounty ===

# Bug bounty program
Global Monero is currently in beta stage. We offer a vulnerability reporting reward with payouts depending on the severity.

## Eligible reports
- CSRF
- XSS
- On-site content injection (i.e. phishing on-site)
- Privilege escalation or misconfigured account privileges
- Database content injection
- Information leaks
- Obtaining a (hidden) server IP address (not including mail server)
- Broken wallet logic (i.e. double spending)
- Remote code execution
- Other major issues or exploits with the site

## Payout
Currently, Global Monero is in an open beta. Any bug report report is eligible for up to US$1,000, depending on the severity. The maximum amount will increase after our open beta is complete, at which point we will provide a more comprehensive general guideline for vulnerability report rewards (i.e. tiered severity payouts).