🐛
Security Bounty Program
If you report security issues within our backend, smart contracts, and production operations, we offer a security bounty program. To be eligible for a bounty, be sure to follow these requirements:
- 1.Make sure you can describe the security issue you found in a concise and reproducible way.
- 2.Contact us first. If you use or publish the vulnerability you will not be eligible for a bounty payout. Our contact address is [email protected].
- 3.Give us time to assess and address the issue. Sometimes behaviour can be perceived as security issue.
We will grade severity of reported issues and use the CVSS scale as a guideline. The ultimate decision about the severity we consider to be achieved remains in our discretion.
Severity | Payout |
Low | 1 000 - 2 500 USDC |
Medium | 5 000 USDC |
High | 40 000 - 75 000 USDC |
Payouts will be conducted in an established ERC20 stablecoin like USDC. Please make sure to be able to receive ERC20 tokens.
Last modified 4mo ago