Graviton Exploit Exploration mission
This program provides rewards for the most comprehensive, well-considered and fully described submissions of potential vulnerabilities of Graviton app frontend, backend infrastructure, and smart contracts.

Rules

Please have a look at the bullet points below before starting your exploration mission.
  • All bug reports must be submitted to [email protected], preferably with the subject "Graviton Exploit Exploration".
  • Public disclosure of a vulnerability makes it ineligible for a reward.
  • Please note that the infrastructure on Fantom and Ethereum, or Gnosis safe wallet are not part of the Exploit Exploration Mission (only Graviton products are subject to testing).

Rewards

Graviton Exploit Exploration Mission considers a number of variables in determining rewards. Determinations of eligibility, quality assessment and all terms related to an award are at the sole discretion of multisig signers.

Template

Please, submit a vulnerability using the following template:
  • Your name *
  • Your Telegram account *
  • Short description of a vulnerability * Example: Remote Denial-of-service using non-validated blocks.
  • Attack scenario * Example: An attacker can attempt to mine blocks which may require some resource-heavy computation (up to the maximum gasLimit) but provide no proof-of-work. If the attacker sends blocks continuously, the victim node may be forced into 100% CPU utilization.
  • Components Example: Go client version v0.6.8
  • Reproduction * Example: Send a block to a testnet node which contains many txs but no valid PoW (or a link to a Github Gist with reproduction details).
  • Details Any other details not covered. Can also contain links to GitHub Gists, repos containing code samples, etc.

Exploration Field

You can find the list of the test smart contracts on Fantom to be examined in the table below. Please note that any submissions of the user application bugs are also accepted.
Through the Faucet contract, you will be able to receive 100 test tokens per user (TestGTON and TestLP) required for testing the PortGTON и PortLP contracts.
contracts under review
BalanceKeeper
0xfe650Edf39B01b582EDFc75dE9CDC4e01C2a53CC
tracks user balances
BalanceEB
0xB6852Da1251e4fae8d62ac8110C222B99C54BF9F
updates balanceKeeper with values from farmEB and impactEB
BalanceStaking
0x0C873F0aa815815B434bf25C6be868d9Df981066
updates balanceKeeper with values from farmStaking
Voter
0xAfEa79A5c1a862AE6443ebF5868d9BB4c491eF73
here users can cast votes equal to their balances on balanceKeeper
PortGTON
0x4917b0D2a561716F63E0838f6A7D50c20a88cEeE
updates balanceKeeper on locking and unlocking GTON
PortLP
0x3f3E14906776a1d06Ce0aBfC066bb932d11e7A50
updates balanceKeeper on locking and unlocking LP
utility contracts
TestGTON
0x44ec6bcc2B3dC8b1bBB78c8dfb5C0d72Acd41D87
TestLP
0xFa40186cd2c0cb7B451E58a42f0b51a4F3c6C1E9
Faucet
0x5c2af6170F9031aB43a780376F993016d2eCfc70
drops 100 testGTON and testLP per user
support contracts
farmStaking
0xF1b64cB91FFE82F8eFF2575669856a28B30A0450
calculates fading curve of staking
farmEB
0xa4e8C675f0E1DDbD2361324e909361ff9455222c
calculates fading curve of unlocking gton for early birds
impactEB
0x89bE71535fFC044CC829EE8B919Cd145d71154E4
tracks early birds impacts
Export as PDF
Copy link
On this page
Rules
Rewards
Template
Exploration Field