Bug Bounty Program

At Robux Walls, we take your safety, security, and privacy seriously. We utitlize the best practices and are confident that are systems are secure at all times. We are committed to protecting our customers' privacy and personal data we receive from them, which is why we are offering a bug bounty program - the first of its kind within the robux earning industry. We believe that this program will further bolster our user experience and overall security which will allow us to contiue to provide the excellent service you've come to expect from us. If you think that you may have discovered a potential bug that affects the security of our websites, apps and/or other online portals, please let us know immediately. If your submission meets our requirements, we will happily reward you for giving us your time and effort.

What is a bug bounty program?

A bug bounty program permits independent researchers and users to discover and report security issues that affect the confidentiality, integrity, and/or overall availability of user or company data/information and rewards them for being the first to discover and report a bug.

Eligibility requirements

To ensure that all submissions and accompanying payouts for bounties are fair and relevant for everyone, the following eligibility requirements and guidelines apply to all independent submissions to the bug bounty program:

  • All bugs reported must be new discoveries. Only the first report for any particular bug or issue will be awarded a bounty.
  • The submission must be made by a Robux Walls member in good standing. If you're not yet a member, join Robux Walls now.
  • The submitter must not reside in a country currently on a United States sanctions list.
  • The submitter must not be a current or former employee of Robux Walls or any other partner company, or a family member or household member of an employee of Robux Walls or any partner company.
  • The submitter must not be the author of the vulnerable code.
Bugs that are eligible for submission:
  • Authentication bypass
  • Bugs on Robux Walls-operated, user-facing applications.
  • Bugs on the Robux Walls app
  • Bugs in third-party assets loaded by Robux Walls-operated, user-facing applications
  • Cross-site request forgery
  • Cross-site scripting (XSS)
  • Potential for information disclosure
  • Remote code execution
  • Timing attacks that prove the existence of private users, or accounts
  • The ability to enumerate withdrawals, User Ids, PINs, or passwords (Note: Please do not attempt brute-force attacks on our systems. Report the potential bug and we will verify its validity.)
Bugs that are not eligible for submission:
  • Bugs that only affect legacy or unsupported browsers, plugins or operating systems
  • Bugs on internal sites for Robux Walls employees or support personnel (not user-facing)
  • Bugs on applications, sites, or offer walls not operated by Robux Walls
  • Bugs related to common OS or device misconfiguration
  • Bugs related to internet connectivity issues
  • Insecure cookie settings for non-sensitive cookies
  • Previously submitted bugs
  • Self-cross-site scripting
  • Vulnerabilities that apply only to you or your own account
  • Web server banner disclosure issues
  • Basic styling or user experience issues related to resolution

Do not attempt:

Attempting any of the following will result in is permanent disqualification from the bug bounty program, account restriction, and possible criminal and/or legal investigation. We do not allow any actions that could negatively impact the experience on our websites, apps, or online portals for other Robux Walls customers.

  • Brute-force attacks
  • Code injection on live systems
  • The compromise or testing of Robux Walls accounts that are not your own
  • Any threats, attempts at coercion or extortion of Robux Walls employees, other partner company employees, or customers
  • Physical attacks against Robux Walls employees, other partner companies, or customers
  • Vulnerability scans or automated scans on Robux Walls servers (including scans using tools such as Acunetix, Core Impact or Nessus)

Bounties

If you have discovered a security bug that meets the requirements, and you're the first eligible person to report it, we will happily reward you for giving us your time and effort.

Submissions

If you think you have discovered an eligible security bug, we would love to hear from you and work to resolve it promptly.

  • Please email us at HelpDesk@RobuxWalls.com and include "Bug Bounty Submission" in the subject line.
  • Within the body of the email, please describe in detail the nature of the bug along with any steps required to replicate it, as well as any pertinent applications, programs or tools used to discover the bug and the date and time that testing took place.
  • Include your legal name (required for payout), Robux Walls username, phone number and IP address used at the time of testing with your submission.
  • A drafted report including fullscreen screenshots with the issues legible is greatly appreciated.

Please feel free to reach out to our support team on discord with any questions regarding the bug bounty program. We receive a lot of submissions through the program, so we may not be able to reply to your email right away, but we'll respond as soon as possible. We look forward to hearing from you.