Powered by:
Allows bounty splitting:
Average time to first program response:
Average time to bounty awarded null: 39
Average time to report resolved:
Handle coinbase
Managed program: false
Name: Coinbase
Offers bounties: true
Offers swag: true
Response efficiency percentage: 97
Submission state: open
Url: https://hackerone.com/coinbase
Website: https://coinbase.com/security
In scope:
Asset identifier: *.base.orgAsset type: OTHERAvailability requirement: mediumConfidentiality requirement: noneEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: lowMax severity: high
Asset identifier: *.cbhq.netAsset type: URLAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: *.coinbase.comAsset type: URLAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: 54.175.255.192/27Asset type: CIDRAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: Other - Please describeAsset type: OTHERAvailability requirement: lowConfidentiality requirement: lowEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: lowMax severity: medium
Asset identifier: api.coinbase.comAsset type: URLAvailability requirement: Confidentiality requirement: Eligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: Max severity: critical
Asset identifier: api.custody.coinbase.comAsset type: URLAvailability requirement: Confidentiality requirement: Eligible for bounty: trueEligible for submissions: trueInstruction: Please see the instructions for the custody.coinbase.com asset on how to get an account.Integrity requirements: Max severity: critical
Asset identifier: com.coinbase.androidAsset type: GOOGLE_PLAY_APP_IDAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: com.coinbase.iosAsset type: APPLE_STORE_APP_IDAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: com.coinbase.proAsset type: APPLE_STORE_APP_IDAvailability requirement: lowConfidentiality requirement: mediumEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: lowMax severity: high
Asset identifier: com.coinbase.walliteAsset type: GOOGLE_PLAY_APP_IDAvailability requirement: noneConfidentiality requirement: lowEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: noneMax severity: low
Asset identifier: commerce.coinbase.comAsset type: URLAvailability requirement: mediumConfidentiality requirement: mediumEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: custody.coinbase.comAsset type: URLAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: * **[Coinbase Custody - Institutional User Roles Overview](https://hackerone.app.box.com/s/l8rqfuv0xgaf15nwdzmffvsrxjm6vr8n)**
* **[Custody API Documentation](https://docs.custody.coinbase.com/)**Integrity requirements: highMax severity: critical
Asset identifier: https://chrome.google.com/webstore/detail/coinbase-wallet-extension/hnfanknocfeofbddgcijnmhnfnkdnaadAsset type: OTHERAvailability requirement: Confidentiality requirement: Eligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: Max severity: critical
Asset identifier: institutional.coinbase.comAsset type: URLAvailability requirement: Confidentiality requirement: Eligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: Max severity: critical
Asset identifier: org.toshiAsset type: GOOGLE_PLAY_APP_IDAvailability requirement: lowConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: org.toshi.distributionAsset type: APPLE_STORE_APP_IDAvailability requirement: mediumConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: paradex.ioAsset type: URLAvailability requirement: noneConfidentiality requirement: lowEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: noneMax severity: low
Asset identifier: prime.coinbase.comAsset type: URLAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
Asset identifier: pro.coinbase.comAsset type: URLAvailability requirement: highConfidentiality requirement: highEligible for bounty: trueEligible for submissions: trueInstruction: Integrity requirements: highMax severity: critical
