Security Bounty Program

Make sure you can describe the security issue you found in a concise and reproducible way.
Contact us first. If you use or publish the vulnerability you will not be eligible for a bounty payout. Our contact address is [email protected].
Give us time to assess and address the issue. Sometimes behaviour can be perceived as security issue.

We will grade severity of reported issues and use the CVSS scale as a guideline. The ultimate decision about the severity we consider to be achieved remains in our discretion.


Severity	Payout
Low	500 - 2500 USDC
Medium	2500 - 5000 USDC
High	5000 - 7500 USDC

Payouts will be conducted in an established ERC20 stablecoin like USDC. Please make sure to be able to receive ERC20 tokens.

Community & Support Overview

⌘I

How-to Guides

Chain-specific Guides

Methodologies

General Guides

Resources

Security Bounty Program