XinFin Bounty Program

XinFin is launching a Bounty Program for Community on Launch of Mainnet! We Invite our Community and all bug bounty hunters to participate in the bounty program and win lots of rewards.

BUG Bounty

XinFin is happy to release the XinFin Extension Wallet: XinPay

XinFin introduces a Bug Bounty Program for testing XinFin Extension Wallet (XinPay).

Team XinFin welcomes all to test XinPay for any errors, bugs on XinFin TestNet and grab the bounty also provide ideas to enhance eWallet.

Program Rules:

  1. Please provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.
  2. Submit one vulnerability per report, unless you need to chain vulnerabilities to provide impact.
  3. When duplicates occur, we only award the first report that was received.
  4. Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.
  5. Phishing, Vishing, Smishing is prohibited.
  6. Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.

Out of scope vulnerabilities:

The following issues are considered out of scope:

  • Content spoofing and text injection issues without showing an attack vector/without being able to modify HTML/CSS.
  • Clickjacking on pages with no sensitive actions.
  • Attacks requiring MITM or physical access to a user's device.
  • Previously known vulnerable libraries without a working Proof of Concept.
  • Comma Separated Values (CSV) injection without demonstrating a vulnerability.
  • Missing best practices in SSL/TLS configuration.
  • Any activity that could lead to the disruption of our service (DoS).
  • Unauthenticated/logout/login CSRF.

When reporting vulnerabilities, please consider attack scenario / exploitability, and security impact of the bug.


Rewards are based on the Common Vulnerability Scoring Standard.


Upto 50 USD worth XDC


Upto 100 USD worth XDC


Upto 150 USD worth XDC


Upto 200 USD worth XDC

Fill the google form to claim your bounty.

Above bounties ends on 31 March 2020.

Masternode Bounty Program

Every Masternode will be offered incentives as well as a special bonus bounty up to 900 USD worth XDC, for hosting Masternode from 31st January to 31st July 2020 in the specific region Singapore or Japan.

Fill the google form to claim your bounty.

Masternode Luck User Bounty

XinFin invites you all whether you are a financial institution, a federal agency a developer or an individual, you can easily set-up a masternode using the one-click installer guide. XinFin invites its existing as well as new global users to set-up masternode using one-click installer function, and make an impact in the world of decentralized trade and finance. So, Setup Masternode now and be a part of XinFin ecosystem.

Airdrop Table

3 Months

500,000 XDC

* 5 Lucky Winners

6 Months

1000,000 XDC

* 5 Lucky Winners

9 Months

1,500,000 XDC

* 5 Lucky Winners

12 Months

2,000,000 XDC

* 5 Lucky Winners

Fill the google form to apply for the Rewards.

The Lucky winner will be announced officially by the team in our updates social channels.