Join the Immunefi Discord serverLet's do it
14 December 2020
Mushrooms Finance is yet another crypto earning vault with a focus on seeking sustainable profit in the DeFi universe. The first version of the Mushrooms Finance smart contracts were created out of inspiration from popular DeFi projects like Yearn Finance (YFI) and Sushiswap, among many others.
Verification of Mushrooms Finance’s bug bounty program on Immunefi is available at https://github.com/mushroomsforest/deployment/blob/main/security.md
Rewards are distributed according to the exploitability level of the vulnerability and its impact based on the Immunefi Vulnerability Severity Classification System.
|Critical - Empty or freeze the contract’s holdings||$4,000 - $10,000|
|High - Token holders temporarily unable to transfer holdings||$800 - $4,000|
|Medium - Denial of Service (e.g. unbounded gas, block stuffing)||$200 - $800|
|Low - Contract fails to deliver promised returns (e.g. high-level economic errors)||$50 - $200|
|None - N/A||$0|
The rewards represent the maximum that will be paid out for a security bug reporting.
Payouts are handled by Mushrooms Finance directly. Payouts are denominated and are paid out in USDC:
|https://github.com/mushroomsforest/deployment||Deployed smart contracts|
For other artifacts outside of those mentioned above, please do reach out to the Mushrooms Finance core dev team for clarification on a case by case base.
In the event that Mushrooms Finance becomes aware of security issues affecting other projects that do not affect Mushrooms Finance, we may inform those projects of those security issues, on a best-effort basis.
In the case where Mushrooms Finance fixes a security issue that also affects other partners and/or well-known projects, Mushrooms Finance’s intention is to engage in responsible reporting with them as described in this security standard.
Join our whitehat community and get notified when new bounties launch on the platform