Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

immutable

BugcrowdView on Bugcrowd
RawAI Enhanced
15
In Scope
8
Out of Scope

In-Scope Assets (15)

Out-of-Scope Assets (8)
AssetCategoryBounty
*.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions)OTHERNo
*.godsunchained.comOTHERNo
*.gogbackend.comOTHERNo
*.guildofguardians.comOTHERNo
Any data exposure bug that are classified as Public Data such as Ethereum Wallet Address, NFT Purchase activity, or other public blockchain activity.OTHERNo
Anything that does not belong to ImmutableOTHERNo
godsunchained.comOTHERNo
gogbackend.comOTHERNo