Security Bounty Program
If you report security issues within our backend, smart contracts, and operations, we offer a security bounty program. To be eligible for a bounty, be sure to follow these requirements:
  1. 1.
    Make sure you can describe the security issue you found in a concise and reproducible way.
  2. 2.
    Contact us first. If you use or publish the vulnerability you will not be eligible for a bounty payout. Our contact address is [email protected].
  3. 3.
    Give us time to assess and address the issue. Sometimes behaviour can be perceived as security issue.
We will grade severity of reported issues and use the CVSS scale as a guideline. The ultimate decision about the severity we consider to be achieved remains in our discretion.
Severity
Payout
Low
1000-2500 USDC
Medium
5000 USDC
High
40000-75000 USDC
Payouts will be conducted in an established ERC20 stablecoin like USDC. Please make sure to be able to receive ERC20 tokens.
Last modified 19h ago
Export as PDF
Copy link