GATE Community Update

GATE Community Update

Dear Community,


With the impending launch of our staking platform, we’re asking for the community’s input to review our work, so that it is perfect for our GATE stakers! We have launched a ‘Bug Bounty’ in order to ensure there are no stones left unturned, and naturally we want to reward those who are able to support us in finding any bugs in the smart contract.

You may have noticed we have launched the new gatenet.io website, where you can read through our comprehensive guides in order to prepare for when staking goes live. There is also information on the GATENet project, with more details to follow in the coming weeks.

Gatetoken.io will now be redirected to the new gatenet.io website.

For details on the Bug Bounty, please see below:


Bug Bounty Details


GATENet is publicly publishing the smart contract code planned for use with our staking platform, for public review.

The GATE Token Staking Platform is a non-custodial Staking Platform, built to operate on the Ethereum blockchain and provide Staking and Awards functionality to holders of GATENet’s ERC-20 GATE token. The Platform allows GATE token holders to participate in Staking and earn Awards on locked tokens.


Platform Functionality

Staking:
There is an ability for a staker wishing to stake to deposit their tokens with the smart contract.


Staking Rewards:
The primary function of the smart contract is to distribute staking rewards to users that stake their GATE tokens. The smart contract will be funded (addReward) with 36.5 million GATE tokens. At the rewards start date, these tokens will start being distributed to stakers over a 365 day period.


Fee Distribution:
There is a function built in (feeDistribution), whereby there can be a periodic award of GATE tokens distributed to stakers, as a percentage of their stake vs total stake, who are currently staked on the platform. Rewards distributed via the feeDistribution method are not locked by the smart contract.


Lock-In:
There is a locking functionality whereby staked tokens will be locked for 30 days. Reward locks are tied into the same locking end date as the stake.


Withdrawals:
There is a withdrawal functionality whereby on the withdrawal event, all unlocked tokens and any available rewards and accumulated Fee Distributions will be returned to the user’s wallet in one transaction.


Bug Bounty
In order to protect user assets, we will run a bug bounty for 5 days to reward community members for discovering and reporting bugs. The scope of the bounty will be limited to the smart contracts used in the staking platform (link to be posted when available).

Bounty rewards will be distributed in GATE tokens. The volume of rewards will vary depending on severity as judged by the GATENet team. The severity of a bug is determined according to the impact which the bug will have.

There are 4 levels, from 2 to 5, which are available to receive a bounty award. Those levels are as follows:

LevelExamples
5. Critical– Empty or freeze the contract’s holdings (e.g. economic attacks, flash loans, reentrancy, MEV, logic errors, integer over-/under-flow)
– Cryptographic flaws
4. High– Token holders unintentionally temporarily unable to transfer holdings
– Users spoof each other
– Theft of yield
3. Medium– Contract consumes unbounded gas
– Griefing denial of service (i.e. attacker spends as much in gas as damage to the
contract)
2. Low– Contract fails to deliver promised returns, but
1. None – Best practises

Bounty payout is as follows:
● Low: Up to 50,000 GATE
● Medium: Up to 100,000 GATE
● High: Up to 250,000 GATE
● Critical: Up to 500,000 GATE

A bounty cap of 2 million GATE tokens has been added to the bounty programme.


Reporting A Bug:
Bug reports should be sent to [email protected]

Email reports should contain the following:

Summary:
add summary of the vulnerability

Steps To Reproduce:
add details for how we can reproduce the issue

Supporting Material/References:
list any additional material (e.g. screenshots, logs, etc.)


A few friendly rules:

  1. Bounties go to the first to report, based on the timestamps by which email bug reports are received.
  2. Don’t steal or attempt to steal others’ funds.
  3. Don’t publicly disclose a bug before it has been fixed.
  4. Paid auditors of this code are not eligible for rewards.
  5. Anyone who worked to produce the code is not eligible for rewards.
  6. Issues that are mentioned in the security audits are not eligible.
  7. Non-security critical issues (style issues, gas optimizations) are not eligible.
  8. Previously known vulnerabilities (resolved or not) of the Ethereum network (and any other fork of these).
  9. Previously known vulnerable libraries without a working Proof of Concept.
  10. Attacks requiring MITM or physical access to a user’s device, or control over users private keys.
  11. KYC – In order to receive an award, the bounty hunter must pass KYC.
  12. Determinations of eligibility, score and all terms related to an award are at the sole and final discretion of the GATENet team