Rewards

DerpDEX allocated up to 1% of $DERP token of its total supply for this developer bug bounty program based on the severity level of the bug disclosed and assets at risk.

Below are the severity levels for the bug bounty, please adhere to the Guidelines

Level	Description
Critical	These are issues that could affect a large number of users and have severe reputational, legal, or financial consequences. An instance of such a problem would be the ability to permanently lock contracts or seize funds from all users.
High	These are issues that affect single users, where exploitation could lead to reputational, legal, or moderate financial harm to the user.
Medium	The risk associated with these issues is relatively minor and doesn't endanger user funds.
Low/Informational	Such issues do not present an immediate threat but are significant in terms of adhering to security best practices.

Level

Description

Critical

These are issues that could affect a large number of users and have severe reputational, legal, or financial consequences. An instance of such a problem would be the ability to permanently lock contracts or seize funds from all users.

High

These are issues that affect single users, where exploitation could lead to reputational, legal, or moderate financial harm to the user.

Medium

The risk associated with these issues is relatively minor and doesn't endanger user funds.

Low/Informational

Such issues do not present an immediate threat but are significant in terms of adhering to security best practices.

Rewards will be allocated considering both the severity level defined above and the probability of the bug being activated or exploited, with the final decision lying entirely with the DerpDEX team. For more details on this scale, refer to the OWASP risk rating methodology page.

To report any vulnerability, please drop a mail at: hello@derpdex.com

PreviousGuidelines NextFAQ

Last updated 10 months ago