Bug Bounty Program

Help us make MYAPY safer. Report vulnerabilities and earn rewards.

Scope

In scope

  • MYAPY web application (myapy.top)
  • MYAPY API endpoints

Out of scope

  • DefiLlama API
  • WalletConnect / AppKit
  • Blockchain nodes and protocols

Severity & Rewards

Informational

Acknowledgment + Hall of Fame

Low ($50)

Minor UI bugs affecting security

Medium ($200)

XSS, CSRF vulnerabilities

High ($500)

Authentication bypass

Critical ($1,000+)

RCE, SQL injection, data breach

Rules

  • Responsible disclosure: 90 days to fix before public disclosure
  • No public disclosure until the vulnerability is fixed
  • One vulnerability per report

How to Report

Send your report to:

security@myapy.top

Include in your report:

  • Steps to reproduce
  • Security impact assessment
  • Proof of Concept (PoC)

Hall of Fame

Be the first security researcher recognized here.

Found a vulnerability?

Your contribution makes DeFi safer for everyone.

Report Now