Atestaria is the authenticity protocol that proves who created what and when, in a way that no one can forge, neither with AI nor with the quantum computers of the future.

Bug Bounty Program

We pay researchers who responsibly disclose security issues. Send reports to [email protected] (PGP key in security.txt).

Scope

  • Production APIs at /v1/*, /v2/*, /api/*
  • Public web at the official Atestaria domain
  • Browser extension
  • $SEAL smart contract on supported chains

Out of scope

  • Self-XSS without an attack chain
  • Volumetric DoS
  • Social engineering
  • Vulnerabilities in third-party services we use

Severity & reward (USD-equivalent in $SEAL or fiat)

Critical

$5,000 to $50,000 · RCE, full DB read, contract drain, signature forgery

High

$1,500 to $5,000 · auth bypass, IDOR on PII, audit chain forgery

Medium

$300 to $1,500 · stored XSS, sensitive info leak

Low

$50 to $300 · low-impact issues, hardening recommendations

Rules

  • No data exfiltration. Demonstrate impact with the minimum data needed.
  • Use staging when possible.
  • Disclose only after we confirm a fix.

Hall of Fame coming soon.

Authentic. Auditable. Time-proof.