Bug Bounty

Security is our top priority. We reward security researchers who help us keep JoobEscrow safe.

Critical

Up to $50,000

Theft of funds, unauthorized releases, permanent freezing of user funds.

High

Up to $10,000

Bypassing dispute logic, manipulation of fee calculations.

Medium / Low

Up to $2,000

Smart contract logic errors that do not lead to direct loss of funds, gas griefing.

In Scope

UniversalServiceEscrow.sol - Main Escrow Logic
Token handling, Fee extraction, and Timelock governance

Note: The frontend codebase and website infrastructure are currently OUT OF SCOPE for monetary rewards, unless the vulnerability directly enables the theft of user funds via wallet interaction.

Out of Scope

Attacks requiring compromised user private keys.
Social engineering or phishing attacks against JoobEscrow staff or users.
Vulnerabilities in third-party libraries (e.g., OpenZeppelin) unless used insecurely by our code.
Issues already documented in our SpyWolf Audit Report.

How to Report

If you have found a vulnerability, please do NOT disclose it publicly. Email our security team directly with a detailed PoC (Proof of Concept).

security@joobescrow.com

← Back to Security Page