Overview

We are publishing our smart contract along with an external audit report, and a bug bounty programme for the Parsec Frontiers smart contract relating to our Pre-Sale of PRSC tokens.

Our token sale smart contract has been written by the Artplant development team. It has been audited by Sameep Singhania.

The token and pre-sale contract can be found here. Due to the limited time frame we had, we could not perform additional audits and would like to invite the community to go over the contract.

Major bugs will be rewarded up to $10,000 (in PRSC tokens). Higher rewards are possible (up to $20,000 in PRSC tokens) in case of very severe vulnerabilities.

Most of the rules on https://bounty.ethereum.org apply:

First come, first serve.

Issues that have already been submitted by another user or are already known to the Parsec Frontiers team are not eligible for bounty rewards.

Public disclosure of a vulnerability makes it ineligible for a bounty.

Anyone who was a paid auditor of this code is not eligible for rewards.

Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of the Parsec Frontiers team.

Scope

All smart contracts relating to the token sale commencing January 24th, 2018. This includes:

The PRSC token contract

The pre-sale contract

All contracts are within: https://github.com/artplant/parsec-contracts.

Timeline

As of this post, the bug bounty program is considered started and valid reports of bugs will be compensated moving forward. The bounty program will continue even after the token launch.

Compensation

The value of rewards paid out will vary depending on severity. The severity is calculated according to the OWASP risk rating model based on Impact and Likelihood, as done in the Ethereum bug bounty campaign:

Note: Up to $100 in PRSC

Low: Up to $2,000 in PRSC

Medium: Up to $5,000 in PRSC

High: Up to $10,000 in PRSC

Critical: Up to $20,000 in PRSC

Example: If you find a way to steal raised funds, this is a critical bug. If you find a way to mint PRSC, this is high priority.

The submission’s quality will factor into the level of compensation. A high quality submission consists of:

An explanation of how the bug can be reproduced

A failing test case

A fix that makes the test case pass.

High quality submissions may be awarded amounts higher than the amounts specified above.

Note: all PRSC will be distributed after the token sale, ending January 31st 2018. It will be unlocked and ready to spend as soon as the token sale ends.

We request that you please give us reasonable amount of time to reply to your inquiry, and that you do not exploit any vulnerability you discover.

Contact

For any questions, please join the Parsec Frontiers Discord and join the #security_bounty channel.

For submissions, please send to hello@parsecfrontiers.com. We also welcome anonymous submissions.