Olas (formerly Autonolas) is a protocol for creating, running and co-owning autonomous AI services, secured by the OLAS token and a multi-chain on-chain protocol. This bug bounty covers the Olas on-chain protocol — the Solidity smart contracts spanning service registries, tokenomics, governance, and the marketplace deployed across Ethereum and 7 additional chains. The scope reflects the contract set reviewed in the Code4rena 2026-01 audit, including the OLAS token, veOLAS, cross-chain governance, the staking infrastructure, and the reward, bonding and protocol-owned-liquidity mechanisms.
PoC Required
KYC required
Rewards
Rewards by Threat Level
Mainnet assets:
Reward amount is 10% of the funds directly affected, up to a maximum of: $5,000
Minimum reward to discourage security researchers from withholding a bug report: $1,000
Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System V2.2. This is a simplified 5-level scale, with separate scales for websites/apps, smart contracts, and blockchains/DLTs, focusing on the impact of the vulnerability reported.
Critical Smart Contract vulnerabilities are rewarded at 10% of economic damage, primarily taking into consideration funds at risk, but also PR and branding aspects, at the discretion of the team, capped at USD 5,000. High Smart Contract vulnerabilities are rewarded at up to USD 2,000. Medium Smart Contract vulnerabilities are rewarded at up to USD 1,000. Low Smart Contract vulnerabilities are not in scope for this program.
All Critical, High, and Medium Smart Contract bug reports must come with a PoC, demonstrate an end-effect impact, and target an asset in scope in order to be considered for a reward. Explanations and statements are not accepted as a PoC; code is required.
The following vulnerabilities are not eligible for a reward:
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-governance/tree/main/audits
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-governance/tree/main/docs
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-governance/tree/main/test
- All vulnerabilities mentioned in the comments on the contracts code https://github.com/valory-xyz/autonolas-governance/tree/v1.2.5-post-external-audit/contracts
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-registries/tree/main/audits
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-registries/tree/main/docs
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-registries/tree/main/test
- All vulnerabilities mentioned in the comments on the contracts code https://github.com/valory-xyz/autonolas-registries/tree/v1.3.3-post-external-audit/contracts
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-tokenomics/tree/main/audits
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-tokenomics/tree/main/docs
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-tokenomics/tree/main/test
- All vulnerabilities mentioned in the comments on the contracts code https://github.com/valory-xyz/autonolas-tokenomics/tree/v1.4.3/contracts
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-marketplace/tree/main/audits
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-marketplace/tree/main/docs
- All vulnerabilities mentioned in https://github.com/valory-xyz/autonolas-marketplace/tree/main/test
- All vulnerabilities mentioned in the comments on the contracts code https://github.com/valory-xyz/autonolas-marketplace/tree/v0.4.2/contracts
- All vulnerabilities that arise from misconfigured registration from users (e.g. component owners, agent owners, service owners, agent operators) or misuse of the registration logic (e.g. accidental locking of funds, loss of keys to control services, etc.).
Note on inherited and integrated third-party code: all external code is in scope where it is incorporated into or integrated with Olas's own contracts. The comprehensive list of in-scope external sources is:
- Inherited library code: OpenZeppelin (@openzeppelin/contracts and @openzeppelin/contracts-upgradeable), Solmate, Safe-Ecosystem safe-contracts (@gnosis.pm/safe-contracts), the Gnosis Mech base contract (gnosis-mech, used by the marketplace OlasMech), the Curve Finance VotingEscrow (ported into veOLAS), Uniswap V2 (@uniswap/v2-core and @uniswap/v2-periphery), Jeiwan zuniswapv2, and Polygon fx-portal.
- Integrated protocol / bridge infrastructure: Wormhole (wormhole-solidity-sdk and the L1/L2 transceivers), the OP-Stack CrossDomainMessenger (Optimism, Base, Celo, Mode), Polygon FxPortal, the Gnosis AMB / OmniBridge, the Arbitrum / Optimism / Base bridge contracts that the deposit processors call into, and the Balancer V2 Vault (queried by BalancerPriceOracle).
Issues reported against any of these sources will be assessed on the basis of their concrete impact on the in-scope Olas contracts. The Nevermined subscription condition contracts are not covered because the only Olas-side integration with them, SubscriptionProvider, is itself out of scope.
Autonolas requires KYC to be completed by all bug bounty hunters who submit a report and want a reward. The information needed is an invoice with the Name, Address, and Country of the hacker or of the legal entity used for transactions. If the hacker is based in Switzerland, they need to account for VAT in the invoice. The collection of this information is done by the Valory team.
Payouts are handled by the Valory team directly and are denominated in USD, but are paid out in USDT and USDC, with the ratio between the two at the discretion of the team.
Program Overview
Olas (formerly Autonolas) enables DAOs and individuals to create, run and co-own autonomous services that power applications in AI, DeFi automation, oracles, DAO operations, treasury management, and beyond. An Olas service is off-chain software that runs as a multi-agent system (MAS), replicated on a temporary consensus gadget (blockchain), while being crypto-economically secured on a public blockchain — offering robustness, transparency and decentralization to off-chain compute.
This bug bounty covers the Olas on-chain protocol: the set of Solidity smart contracts that register, incentivize and govern everything in the network. It is organized into four pillars:
- Registries - ERC-721 registries for code components, agents and services, plus the staking infrastructure (StakingFactory and staking-program contracts) that rewards services for remaining live and active.
- Tokenomics - OLAS emissions and the reward engine for developers, the bonding mechanism (Depository / Treasury), cross-chain staking-incentive distribution, and the protocol-owned-liquidity and buy-back-and-burn contracts.
- Governance - the OLAS token, the veOLAS voting-escrow token, GovernorOLAS with Timelock, and the cross-chain governance machinery (guards, bridge mediators and payload verifiers) that lets the DAO act across all supported chains.
- Marketplace - the OLAS Marketplace contracts that register mechs, route off-chain compute requests to them, settle payments via fixed-price and Nevermined-subscription balance trackers (the standalone Nevermined SubscriptionProvider adapter is out of scope), and account mech / requester reputation via the Karma contract.
The protocol is deployed on Ethereum and 7 additional chains (Gnosis, Polygon, Arbitrum, Optimism, Base, Celo, Mode). Contracts are immutable except where explicitly noted as proxy-upgradeable (e.g. the Tokenomics, staking, LiquidityManager, MechMarketplace and Karma proxies). The codebase has undergone extensive internal and external auditing, most recently the Code4rena 2026-01 competitive audit covering the governance, registries and tokenomics contracts that form the updated scope of this program.
For more information about Autonolas, please visit https://olas.network.
KYC required
The submission of KYC information is a requirement for payout processing.
Proof of Concept
Proof of concept is always required for all severities.
Responsible Publication
Category 3: Approval Required
Prohibited Activities
- Any testing on mainnet or public testnet deployed code; all testing should be done on local forks of either a public testnet or mainnet
- Any testing with pricing oracles or third-party smart contracts
- Attempting phishing or other social engineering attacks against our employees and/or customers
- Any testing with third-party systems and applications (e.g. browser extensions) as well as websites (e.g. SSO providers, advertising networks)
- Any denial of service attacks that are executed against project assets
- Automated testing of services that generates significant amounts of traffic
- Public disclosure of an unpatched vulnerability in an embargoed bounty
- Any other actions prohibited by the Immunefi Rules