The OnePlus Security Response Center (or OneSRC) is this OEM's first bug-bounty initiative. It offers cash incentives (in USD) to report deficiencies in its own software. They start from US$50, but go into 3 to 4 figures for the more severe vulnerabilities.
https://www.notebookcheck.net/OnePlus-opens-its-own-paid-security-incident-bounty-program.448143.0.html