Security

Welcome to the CraftiGames bug bounty and responsible disclosure programme page!


We at CraftiGames are dedicated to keeping our players and their data safe and secure. Besides our internal teams working on this every day, with our responsible disclosure programme we'd like to give the community the opportunity to aid us in discovering the vulnerabilities we might have missed, helping us protect millions of end users.

What to include in your report

  • Your in-game username and contact details
  • A technical description of the issue
  • How to reproduce the issue

Security researcher expectations

  • Act in good faith
  • Do not access, store, remove, or transfer player data, and inform us if you accidentally do so
  • Refrain from disrupting our services and operations
  • Keep any vulnerabilities confidential

Responsible disclosure programme rules

  • All security issues must be reported to [email protected].
  • Your contribution will be recognized by a place in our security hall of fame and/or a bug bounty payout.
  • Only the first reporter of an issue can collect the bounty
  • You must be over the age of 18 to collect bug bounties
Acknoledgements

Security researchers who properly report bugs get a place in our hall of fame!

Security issues

Report any security issues to the following email address.

Other bugs

Please report other bugs, issues, or in-game exploits on the bug report section of the server's respective forums.