🪐
Cantina Docs
  • 🪐Welcome to Cantina
  • 🤝Services
    • Security Reviews
    • Competitions
    • Bug Bounty
    • Guilds
    • Public Goods
  • 💵Referral program
  • 📄Public Reports
  • 👑Reputation
  • 👥Cantina Account
    • 🔷Claim an Account
    • 🔷Company Account
      • 🔹Create a Company Account
      • 🔹Managing users
      • 🔹Company Dashboard
      • 🔹Company Reviews
    • 🔷Security Researcher Account
      • 🔹Create Security Researcher Account
      • 🔹Security Researcher Dashboard
      • 🔹Calendar
      • 🔹Reviews
      • 🔹KYC and Payments
  • 💻Cantina Code
    • 🕵️Cantina Code for Security Researchers
      • 🔶Code Review
        • 🔸Download content and toggle sidebar
        • 🔸Highlighting code
      • 🔶Findings
        • 🔸Findings Submission
        • 🔸Findings Labels
        • 🔸Findings Status
        • 🔸Add code to existing finding
        • 🔸Examples
      • 🔶Chat
      • 🔶Reports
      • 🔶Comments & Pings
      • 🔶Diagrams & Formulas
    • 🏢Cantina Code for Companies
      • 🗄️Responding to Pings
      • 🗄️Responding to Findings
      • 🗄️Report Generation
  • 🏆Cantina Competitions
    • 🕵️For Security Researchers
      • 🔶Payments
      • 🔶Teams
      • 🔶Finding Status
      • 🔶Finding Labels
    • 🏢For Companies
      • 🗄️Competition Submission Template
    • 🧑‍⚖️Judging Process
      • 📜Finding Severity Criteria
      • 📜Scoring
      • 📜Judging Phase
      • 📜Escalation Process
    • 🤝 Fellowship Steward Model
  • 💰 Cantina Bounties
    • Bounty Severity Classification
    • Mediation Process for Bounties
  • ✅ Cantina Bug Bounty Coverage
    • Cantina Coverage Details
  • ❓FAQ
    • ❔FAQ Competitions
    • ❔FAQ Security Reviews
  • 🔗Links
Powered by GitBook
On this page
  • Mediation Process
  • Handling Client Disagreements
  • Communication Guidelines
  • Conclusion
  1. 💰 Cantina Bounties

Mediation Process for Bounties

At Cantina, we strive to create a collaborative environment where researchers and clients can work together to enhance security. Our mediation process is designed to handle disputes that arise during the evaluation of bug bounty submissions. This document outlines the steps involved in the mediation process, the roles of each party, and the guidelines for resolving disagreements.

Mediation Process

1. Submission of Finding

  • Researcher: Submits a finding through the Cantina platform.

  • Client: Reviews the finding and provides initial feedback/decision.

2. Disagreement

Disagreements may arise in the following scenarios:

  • The client disagrees with the finding or its severity.

  • The researcher disagrees with the client's decision.

3. Escalation to Cantina

If a resolution cannot be reached between the researcher and the client, either party can escalate the finding to Cantina for mediation.

4. Triage and Solution Proposal

  • Cantina Triaging Team: Reviews the finding and comments from both parties.

  • Proposal: Proposes a fair solution based on triaging guidelines.

  • Decision: The team adds their decision on the finding's validity.

5. Final Decision

  • Client: Has the final say on whether to accept or reject the proposed solution.

Handling Client Disagreements

Default to Client's Perspective

While we respect the client's perspective, we also ensure that our platform maintains high standards of fairness and integrity.

Respectful Public Disclosure

We encourage all parties to resolve disputes amicably and encourage respectful public disclosure if allowed. Our goal is to maintain a professional and respectful environment for all participants.

Client Rejection Policy

If a client rejects more than five findings in one year that we believe are valid, we reserve the right to take the following actions:

  • Review: Conduct a thorough evaluation of the client's participation on our platform and take appropriate action to ensure platform integrity is maintained for all participants.

Communication Guidelines

During Mediation

  • Direct Communication: Cease direct communication with the other party during mediation.

  • Reporting: All concerns and additional information should be reported directly to Cantina in the report page.

Status Updates

  • Researcher: Can request status updates by reaching out to Cantina directly in the relevant bug report thread.

Conclusion

Our mediation process is designed to ensure a fair and transparent resolution to disputes. By following these guidelines, we aim to create a win/win outcome for both researchers and clients, fostering a collaborative and secure environment.

PreviousBounty Severity ClassificationNext✅ Cantina Bug Bounty Coverage

Last updated 1 month ago