1. Deribit Support
  2. Support
  3. Contact

Bug Bounty

  • Updated

Our bug bounty program is public on HackerOne and can be directly accessed through this link: https://hackerone.com/deribit

The following guidelines give you an idea of what we usually pay out for different classes of bugs – for all things not listed below, this program follows the Bugcrowd VRT for prioritizing issues.

  • Tier 1: test.deribit.com, www.deribit.com, Android app, IOS app

  • Tier 2: All other subdomains of deribit.com except from office.deribit.com, veriscope.deribit.com and sygna.deribit.com

Technical severity

Reward range

P1 - Critical

Tier 1: $30,000 - $50,000

Tier 2: $2,500 - $3,000

P2 - Severe

Tier 1: $5,000 - $10,000

Tier 2: $750 - $1,500

P3 - Moderate

Tier 1: $500 - $1,000

Tier 2: $250 - $425

P4 - Low

Tier 1: $100 - $300

Tier 2: $50 - $150