Join the Immunefi Discord serverLet's do it
25 March 2021
The DSLA Protocol adds native risk management and parametric insurance capabilities to applications and networks. It does it by introducing a risk management framework that enables developers and infrastructure operators to reduce their users exposure to service delays, interruptions and financial losses, using self-executing service level agreements, bonus-malus insurance policies, and crowdfunded liquidity pools.
The DSLA token is at the heart of DSLA Protocol’s economics. Its main utility is to unlock access to exclusive protocol feature tiers, and fuel the execution of decentralized service level agreements over time. The total supply of DSLA tokens decreases through a native burn mechanism, as the protocol is being used to execute agreements, process claims and more.
The bug bounty program is focused around its smart contracts and is mostly concerned with the loss of user funds. Web and app bug reports are also accepted within this program, but do not have a reward.
Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System. This is a simplified 5-level scale, with separate scales for websites/apps and smart contracts/blockchains, encompassing everything from consequence of exploitation to privilege required to likelihood of a successful exploit.
Smart Contracts and Blockchain
Payouts are handled by the DSLA team directly and are denominated in USD. However, payouts are done in DSLA for High and Critical bug reports and may be done in USDC for Medium and Low bug reports.
|https://kovan.etherscan.io/address/0x688b443A489735D1B2a6D36cb7c1aa7668275542#code||Smart contract - Messenger.sol|
|https://kovan.etherscan.io/address/0x6C4F8C1DD7BDe4b0F7A626d14D0A24a198ae5973#code||Smart contract - SLA/SLA.sol|
|https://kovan.etherscan.io/address/0xaA55EE80d95FC17f3d97611816101c4F29EB8Afc#code||Smart contract - SLA/Staking.sol|
|https://kovan.etherscan.io/address/0x6C4F8C1DD7BDe4b0F7A626d14D0A24a198ae5973#code||Smart contract - SLARegistry.sol|
*Web and App bug reports are accepted within the scope of this bug bounty program, but have no payout.
For additional reference, here are the addresses of the other contracts of DSLA in the Kovan testnet. However, only those listed in the table above are within the scope of this program.
We are especially interested in receiving and rewarding vulnerabilities of the following types:
Accepted Web/App Vulnerabilities:
We accept the following website/app vulnerabilities, though there is no reward for them:
The following vulnerabilities are excluded from the rewards for this bug bounty program:
The following vulnerabilities are not sought after for website bug reports:
The following activities are prohibited by bug bounty program:
Join our whitehat community and get notified when new bounties launch on the platform