Lightspark BBP icon Lightspark BBP HackerOne

Target Policy
https://hackerone.com/lightspark_bbp?type=team
Structured Scope
  • Asset Identifier
    Asset Type
    Max Severity
  • lightsparkdev/lightspark-crypto-uniffi
    SOURCE_CODE
    critical
  • lightsparkdev/js-sdk

    Note that if you find a common vulnerability across our SDKs, we will treat them as one vulnerability for purposes of bounties.

    SOURCE_CODE
    critical
  • lrc20.lightspark.com
    URL
    critical
  • app.uma.money

    Login and signup for Lightspark Extend for UMA.

    URL
    critical
  • https://github.com/lightsparkdev/python-sdk

    Note that if you find a common vulnerability across our SDKs, we will treat them as one vulnerability for purposes of bounties.

    SOURCE_CODE
    critical
  • status.lightspark.com
    URL
    high
  • https://github.com/lightsparkdev/go-sdk

    Note that if you find a common vulnerability across our SDKs, we will treat them as one vulnerability for purposes of bounties.

    SOURCE_CODE
    critical
  • lightsparkdev/kotlin-sdk

    Note that if you find a common vulnerability across our SDKs, we will treat them as one vulnerability for purposes of bounties.

    SOURCE_CODE
    critical
  • https://github.com/buildonspark/spark
    SOURCE_CODE
    critical
  • https://github.com/buildonspark/lrc20
    SOURCE_CODE
    high
  • https://github.com/lightsparkdev/lightspark-rs

    Note that if you find a common vulnerability across our SDKs, we will treat them as one vulnerability for purposes of bounties.

    SOURCE_CODE
    critical
  • lightsparkdev/flutter-sdk

    Note that if you find a common vulnerability across our SDKs, we will treat them as one vulnerability for purposes of bounties.

    SOURCE_CODE
    critical
  • http://api.lightspark.com

    APIs for our core backend, both our Lightning node products and our Spark SO.

    URL
    critical
  • https://link.uma.me

    Login and signup for Lightspark Extend for UMA.

    URL
    critical
  • http://app.lightspark.com
    URL
    critical
Target Scope Domains
  • api.lightspark.com
  • app.lightspark.com
  • app.uma.money
  • link.uma.me
  • lrc20.lightspark.com
  • status.lightspark.com
Tech Stack
  • Amazon Cloudfront
  • Amazon Elb
  • Amazon S3
  • Amazon Web Services
  • Gunicorn
  • Hsts
  • Python
Last Finished Scan:
Scan Name
Fleet
Finished
State
auto-gausubs-2-kcrlf
allkxss
1 month, 2 weeks ago
Finished
auto-gausubs-2-kcrlf
  • Fleet: allkxss
  • Duration: 24 Seconds
  • Finished: 1 month, 2 weeks ago