Bug Bounties
Scope: Issues which can lead to substantial loss of money, critical bugs like a broken live-ness condition or irreversible loss of funds.
Disclosure policy:
Let us know as soon as possible upon discovery of a potential security issue.
Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.
Exclusions:
Already known vulnerabilities.
Vulnerabilities in front-end code not leading to smart contract vulnerabilities.
Eligibility:
You must be the first reporter of the vulnerability
You must be able to verify a signature from same address
Provide enough information about the vulnerability
Bounty payout:
Up to 1,000$
Up to 10,000$
Up to 100,000$
Misc
Vulnerabilities and ability to manipulate the gauge allocations
Ability to unlock and steal underlying from veNFTs or redirect harvest fees to another address.
Contact: [email protected]
Last updated