Table of Contents


Golden recently opened up our dApp to our customers to help facilitate improvements, analyze malicious behaviors, and ensure an easy-to-use solution for our customer experience. In an attempt to bring stronger transparency to our customers, we are opening up a security Bug Bounty to our web2, web3, and protocol. We will have increased payouts for validated findings until December 1, 2022.

Scope and Reporting

This is a black box test against our production environment. In order to have your vulnerability verified, you will need to send the report to Please make sure the subject is clear that this is a bug bounty request (e.g., Bug Bounty: XSS found in site). All findings MUST include:

In Scope

Ensure that you adhere to Amazon’s Penetration Testing Policy.

Not in Scope