Join the Immunefi Discord serverLet's do it
8 January 2021
Badger DAO builds applications to help bring Bitcoin to DeFi.
Verification of Badger DAO’s bug bounty program on Immunefi is available at https://badger-finance.gitbook.io/badger-finance/bug-bounty
Rewards are distributed according to the exploitability level of the vulnerability and its impact based on the Immunefi Vulnerability Severity Classification System.
All bounties are capped at a maximum of 10% of the funds potentially affected.
|Critical - Empty or freeze the contract’s holdings||Up to $500,000|
|High - Token holders temporarily unable to transfer holdings||Up to $5,000|
|Medium - Denial of Service (e.g. unbounded gas, block stuffing)||Up to $500|
|Low - Contract fails to deliver promised returns (e.g. high-level economic errors)||Up to $250|
|None - N/A||$0|
Payouts are handled by Badger directly. Payouts are denominated in USD and are paid out in the reporter’s choice of:
We are especially interested in receiving and rewarding vulnerabilities of the following types:
The following vulnerabilities are not eligible for bounties under this program:
Additionally, Badger’s website hosted at https://badger.finance/ and the infrastructure that hosts that site are excluded from this bug bounty program. Reports of web vulnerabilities that do not impact Badger’s Web3 smart contract interface will not receive a payout under this program. Web vulnerabilities that are claimed to impact Badger’s Web3 smart contract interface must be accompanied by a proof-of-concept exploit. Web vulnerabilities may be included in future versions of this program; watch this page for updates.
The following actions and behaviors are prohibited. Doing so will prevent collection of a bounty and may result in prosecution:
Join our whitehat community and get notified when new bounties launch on the platform