想在去中心化的机器感知网络上创建伟大的事物吗?让我们您助一臂之力。申请补助,并分享您的愿景。
related issues regarding domain or email: aukilabs.com, posemesh.org, auki.ai, aukiverse.com or auki.network
Reason: It’s managed by a 3rd party, please refer to their security bug disclosure policy.
One payout per root cause
If multiple vulnerabilities stem from the same root cause (e.g., insecure authentication), they will be grouped together and rewarded as a single bounty. The same applies if the same vulnerability is found in more than one application.
Separate payouts for independent issues
If issues are distinct (e.g., CSP misconfiguration in one application and SQL injection in another), they will be treated as separate findings with separate bounties.
Bundle for same application
If multiple smaller issues are reported for a single application in one submission, they will be grouped together as a single payout proportional to the overall impact.
Final decision clause
Auki Labs reserves the right to make the final determination in cases of disputes regarding bounty eligibility, severity grading, or payout amounts. This ensures consistency and fairness while addressing unique cases or interpretations that may arise.
Severity levels
The severity levels are not based on the Common Vulnerability Scoring System (CVSS) but rather on the potential impact on Auki’s business with the different domain names or applications taken into consideration. For example, a vulnerability found in a support system is less severe than one found in the core systems.
Bounties can be paid out in the USDC amount described in the table below or in the equivalent amount of AUKI tokens at the time of the payout.
Unauthorized access to sensitive data, critical smart contract vulnerabilities, RCEs (remote code execution).
SQL injection, significant privilege escalation, major authentication bypass.
Minor privilege escalation, reflected XSS, or logic issues with moderate impact.
CSP misconfigurations, verbose error messages, or minor misconfigurations.
Issues with no immediate security impact (e.g., missing security headers).
Open a support ticket on our Discord server or sendan email to security@aukilabs.com
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam efficitur justo ac augue aliquet dapibus. Etiam dictum cursus orci, a eleifend dolor scelerisque nec. Sed ullamcorper sollicitudin lorem, at placerat ligula accumsan sit amet. Aenean consequat, tortor eget varius feugiat, ante arcu rutrum velit, vel venenatis sapien augue in ipsum.