Reporting security flaws like bugs or issues

You’re just steps away from receiving your reward.

Report a Bug
AXIR Wallet Bug Bounty Program
At AXIR Wallet, security is our top priority. That’s why we’ve launched the AXIR Wallet Bug Bounty Program to encourage responsible reporting of vulnerabilities. This initiative helps us continuously improve our security measures, ensuring a safe platform for all our users.
How do we Evaluate Rewards?
We prioritize reported issues by severity, distributing rewards accordingly. Our AXIR Wallet Bug Bounty Program offers incentives in Fiat as well as AXR tokens for significant discoveries, demonstrating our commitment to safeguarding our platform and community.
Bug Bounty Scope
Our Bug Bounty Program aims to detect vulnerabilities in AXIR Wallet mobile app and Smart Contracts, including those on GitLab. If you find a bug in AXIR Wallet contract outside these repositories, rest assured, our team will consider it part of our bounty program.
What are we looking for?
Input Validation

Input Validation

Authentication and Authorization

Authentication and Authorization

Data Integrity

Data Integrity

Frontend Security

Frontend Security

Contract Upgradability 

Contract Upgradability 

Click Jacking

Click Jacking

Leaks of Sensitive Data 

Leaks of Sensitive Data 

Authentication and Authorization

Compliance and Regulation

We value your comprehension and collaboration in directing attention towards the aspects covered by our Bug Bounty Program, specifically with regards to the AXIR Wallet
Out of Scope:
We want to emphasize that the Program does not cover the following aspects:
  • Contracts managed by third parties and not directly overseen by AXIR Wallet.
  • Problems that have already been acknowledged and recorded in existing audits reports
  • Glitches discovered in third-party contracts or applications utilizing AXIR Wallet contracts.
How to claim your Bug Bounty?
To be eligible for a reward under this Program, your submission must adhere to the following conditions:
  • Discover a previously undisclosed, non-public vulnerability that is unknown to our team and falls within the scope of this Program.
  • Make sure you be the first reporter of this distinct vulnerability by submitting it to our “Bug Bounty Form” following our disclosure guidelines.
  • Provide sufficient details to enable our engineers to replicate and address the vulnerability.
  • Avoid using the vulnerability for any purpose other than claiming the reward from this Program, including disclosing it publicly or for personal gain.
  • Keep the vulnerability private and confidential by reporting it solely to us, maintaining its privacy.
  • Submit the undisclosed bug to “Bug Bounty Form” in a lawful and ethical manner, without resorting to threats, demands, or coercion.
  • You must be at least 18+ old to participate. If you are younger, make sure to obtain parental or guardian consent when submitting your vulnerability.
  • You must confirm you are not a current or former employee, vendor, or contractor involved in developing the code related to the bug.
  • Follow all eligibility criteria outlined in the Program.
By submitting your report, you grant AXIR Wallet the necessary rights to verify and disclose the vulnerability. Reward decisions, including eligibility and payment methods, are at our discretion. Note that program terms may change at any time.

    Your Details







    Your Findings



    AXIR Wallet Bug Bounty Form: 
    Please fill out the form below to report an issue. Include as much detail about the exploit as you can. Our AXIR Team will get back to you as soon as possible.