Overview

We are starting our bug bounty programme for all Aventus smart contracts relating to our AVT sale. This bounty program is not for the Aventus protocol itself.

Our token sale smart contracts were written and audited by DAppHub.

We have our own version of these contracts written here, but unfortunately due to the limited time frame we had, we could not get the top calibre audit that we were looking for done in time.

Major bugs will be rewarded up to $10,000 (in ETH). Higher rewards are possible (up to $20,000 in ETH) in case of very severe vulnerabilities.

Most of the rules on https://bounty.ethereum.org apply:

First come, first serve.

Issues that have already been submitted by another user or are already known to the Aventus team are not eligible for bounty rewards.

Public disclosure of a vulnerability makes it ineligible for a bounty.

Anyone who was a paid auditor of this code is not eligible for rewards.

Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of the Aventus team.

Scope

All smart contracts relating to the token sale commencing July 17th, 2017. This includes:

The Aventus token contract

The token sale contract

Gnosis’ multisig wallet

All contracts are within: https://github.com/AventusSystems/token-sale.

Functional Specification

Below is the functional specification of the token sale mechanics we created.