The Drift Protocol Bug Bounty Program is focused on our smart contracts with a primary interest on preventing:
- thefts and freezing of principal of any amount;
- thefts and freezing of unclaimed yield of any amount; and
- theft of governance funds.
Smart Contracts and Blockchain
| Level | Reward |
|---|---|
| Critical* | up to USD $500,000 |
| High** | USD $50,000 |
| Medium | USD $25,000 |
| Low | USD $5,000 |
* All Critical Smart Contract bug reports must include a Proof of Concept and a suggestion for a fix to be eligible for a reward. Rewards are capped at 10% of economic damage, primarily taking into consideration funds at risk, but also PR and branding aspects, at the discretion of the team. However, there is a minimum reward of USD$50,000.
** All High Smart Contract bug reports require a Proof of Concept to be eligible for a reward
Explanations and statements are not accepted as Proof of Concept and code is required. Payouts are handled by the Drift Protocol team and are pegged to the USD values set here and are payable in USDC.
You can see more information about the bug bounty at immunefi here : https://www.immunefi.com/bounty/driftprotocol