Immunefi
Immunefi
Back to Explore
Mitigation Audit | Folks Finance-logo

Mitigation Audit | Folks Finance

|

Folks Finance is a leading DeFi platform providing innovative tools for lending, borrowing, trading and managing digital assets, all in one place.

Status

Finished
Rewards Pool
$25,000
Vault TVL
To be determined
Started
27 August 2024
Ended
05 September 2024
Rewards Token
USDC
nSLOC
500

  • Triaged by Immunefi

  • PoC required

  • Vault program

Findings Report
LeaderboardInformationScopeResources

This Audit Competition Is Over

Audit Competition cards for security researchers with paid reports are available here.

All paid bug reports are available in original format here.

Started
27 August 2024 11:00 UTC
Ended
05 September 2024 11:00 UTC

VaultImmunefi vault program

Funds available

$0

30d Avg. Funds availability

$0

Assets in vault

    Public vault address

    0x3bbcc4625B6caAF4Fd2623FEdCE94DBfc1c28036

    Rewards

    Mitigation Audit | Folks Finance provides rewards in USDC on Ethereum, denominated in USD.

    Rewards by Threat Level

    Smart Contract
    Critical
    Portion of the $25,000 USD Reward Pool
    High
    Portion of the $25,000 USD Reward Pool
    Medium
    Portion of the $25,000 USD Reward Pool
    Low
    Portion of the $25,000 USD Reward Pool

    The following reward terms are a summary, for the full details read our Folks Finance Mitigation Audit Reward Terms

    The purpose of a Mitigation Audit is for whitehats to assess whether the set of fixes from the original Folks Finance Audit Competition both fully resolve the reported vulnerabilities and do not introduce new ones. Hunting on a Mitigation Audit involves understanding the root cause of the issues and verifying that the patches or mitigations directly address the causes.

    This is crucial to ensure that the vulnerabilities are fully fixed and do not leave other avenues open for exploitation.

    The rewards pool is partly distributed with the following formula, and partly at Immunefi’s discretion. The main purpose of a Mitigation Audit is to reward vulnerabilities, exploiting the fixes of the original Audit Competition.

    The portion of the reward pool is to reward high-quality whitehat contributions, such as valuable but technically invalid bug reports which are called Insights. More information about Insight reports can be found in this Help Center article.

    The reward pool size for Mitigation Audit | Folks Finance is $25,000 USD. If no bugs or only Insights are found, the reward pool will be - 10% of the largest reward pool ($2,500 USD).

    For this Audit, duplicates are valid for a reward.

    View impacts in scope

    Program Overview

    Folks Finance is a leading DeFi platform providing innovative tools for lending, borrowing, trading and managing digital assets, all in one place.

    Folks Finance are expanding with a new cross-chain lending protocol using a hub and spoke model. The hub chain, Avalanche, contains the main logic and state of the lending protocol. The spoke chains, initially EVM, act as an entry point for a user to interact with the protocol.

    Chainlink CCIP and Wormhole Messaging are used to communicate between the spoke chains and hub chain. Circle CCTP is used for native cross chain transfers of USDC.

    For more information about Folks Finance and their existing products, please visit https://folks.finance. Folks Finance provides rewards in USDC, denominated in USD.

    KYC not required

    No KYC information is required for payout processing.

    Proof of Concept

    Proof of concept is always required for all severities.

    Total Assets in Scope
    34