Bug Bounties

Poloniex

Powered by: 

Allows bounty splitting: 

Average time to first program response: 

Average time to bounty awarded null: 

Average time to report resolved: 

Handle poloniex

Managed program: false

Name: Poloniex

Offers bounties: true

Offers swag: false

Response efficiency percentage: 

Submission state: open

Url: https://hackerone.com/poloniex

Website: https://poloniex.com/

In scope:

  • Asset identifier: https://api.poloniex.com
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: **Poloniex API documentation** https://poloniex.com/support/api Example Request: POST /tradingApi HTTP/1.1 Host: poloniex.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:59.0) Gecko/20100101 Firefox/59.0 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Key: API_KEY Sign: ```<COMMAND_SIGNED_WITH_SECRET>``` Referer: https://poloniex.com/apiKeys Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Connection: close Content-Length: 30 command=returnBalances&nonce=```<NONCE_VALUE>```
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: https://api2.poloniex.com
  • Asset type: URL
  • Availability requirement: low
  • Confidentiality requirement: medium
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: low
  • Max severity: high



  • Asset identifier: https://m.poloniex.com
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: https://public.poloniex.com
  • Asset type: URL
  • Availability requirement: low
  • Confidentiality requirement: low
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: low
  • Max severity: medium



  • Asset identifier: https://www.poloniex.com
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical