Value: 1 INC (Indiya Coin) = 1 INR (Indian Rupees)

// Bug Bounty

Bug Bounty Program

Out of Scope Issues

The following issues won’t be considered for a bounty.

  • Rate limit issue
  • Open Redirection (we will approve for critical case, ex: steal other user’s token)
  • DoS or resource exhaustion
  • Client-side issues that do not effect the latest version of common browsers (Chrome, Firefox).
  • HTML injection without ability to execute malicious script.
  • Self XSS, CSRF, CORS without affecting other users
  • Clickjacking.
  • SPF, DKIM and DMARC issues.
  • Social Engineering

Severity and Reward

Reward amounts are vary depend on the severity of the vulnerability and it’s impact to Indiya Coin. We use the the international standard for risk calculations that is OWASP Risk Rating Methodology.

Only medium, high and critical will get reward.

How to Participate

  1. Send email to:
  2. Subject: [BUG] {bug title}


  • Be the first one to report a specific vulnerability. Duplicate report is not eligible for bounty reward.
  • Include details and verifiable proof of concept (e.g. screenshot, video, script). If our team cannot reproduce or verify the issue, then bounty cannot be awarded.
  • Reporter is eligible for bounty after Indiya Coin team decide to fix the bug.
  • Reporter of vulnerability is prohibited to disclose the bug to public before Indiya Coin team fixed the bug.
  • Reporter of vulnerability is required to use their own account when performing testing or producing vulnerability.
  • DO NOT attempt to view or tamper any data belonging to others.
  • Reporter of vulnerability is prohibited to disturb, change, add, or delete any data or configure Indiya Coin systems, targeting other users, or compromising the reputation of Indiya Coin.
  • DO NOT perform DDoS or DoS attack to Indiya Coin System.
  • By sending a bug report to Indiya Coin, reporter of vulnerability agrees to give Indiya Coin the full rights to keep using that bug report for internal purposes without paying any royalty, license, or intellectual property rights.
  • By participating in this program, you have agreed to comply with all applicable local and international laws.

What we consider?

Likelihood Factors

Impact Factors

Skill Level

Loss of confidentiality


Loss of Integrity


Loss of Availability


Loss of Accountability

Ease of Discovery

Financial Damage



Ease of Exploit

Reputation Damage

Intrusion Detection

Privacy Violation



Reward Point

Reward INC






500,0 – 1,000,0



2,000,0 – 4,000,0



6,000,0 – 10,000,0

Reward will be transferred using INC.

Please make sure you have erc20 / binance chain based wallet.