16 March 2021
Live since
No
KYC required
$250,000
Maximum bounty
Rari Capital was founded upon a principle whereby yield could be generated without speculation, and instead: utilization. Rari Capital is managed by the $RGT which manages governance over all of the Rari Protocol, a DeFi robo-advisor for maximizing yield. The Rari Protocol is pursuing a DeFi Manifest Destiny of sorts. Yield aggregation is just the start…tranches, fuse, governance and a hell of a lot more are coming soon–we are working to build Finance 2.0.
Let’s take this world from the corrupt hedge funds and centralized institutions that have hurt the masses for centuries. Let’s give it back to the people. And that begins with the yield.
The bug bounty program is focused around its smart contracts and the prevention of loss of user funds.
Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System. This is a simplified 5-level scale, with separate scales for websites/apps and smart contracts/blockchains, encompassing everything from consequence of exploitation to privilege required to likelihood of a successful exploit.
Smart Contracts and Blockchain
Level | |
---|---|
Critical | USD $250,000 |
High | USD $100,000 |
Medium | USD $50,000 |
Low | USD $10,000 |
Payouts are handled by the Rari Capital treasury (voted on by governance) directly and are denominated in USD. Payouts under $50 000 are paid in USDC or DAI. All payouts that are higher are done in an 80/20 mix of RGT and a stablecoin (USDC or DAI), respectively.
Target | Type |
---|---|
https://github.com/Rari-Capital/open-oracle | Smart contract |
https://github.com/Rari-Capital/fuse-contracts | Smart contract |
https://github.com/Rari-Capital/compound-protocol | Smart contract |
https://github.com/Rari-Capital/rari-ethereum-pool-contracts | Smart contract |
https://github.com/Rari-Capital/rari-stable-pool-contracts | Smart contract |
We are especially interested in receiving and rewarding vulnerabilities of the following types:
Smart Contracts/Blockchain:
The following vulnerabilities are excluded from the rewards for this bug bounty program:
The following activities are prohibited by bug bounty program:
Join our whitehat community and get notified when new bounties launch on the platform