Last month, Astroport’s builders announced a $1.5 million bug bounty in partnership with DeFi’s leading bug bounty platform, Immunefi.
Now that Astroport is live, it’s time to double that reward to $3 million+.
Whitehat hackers can earn up to $3 million for a critical vulnerability. Additional bounty rewards are available in the tiers shown below.
All bounties are denominated in USD and payable in ASTRO.
Critical vulnerabilities are capped at 15% of possible economic damage. The main consideration is the funds affected, though brand and reputational considerations will also be factored in at the team’s discretion. There is a minimum bounty of $100,000 for critical bug reports.
If a bounty reward is less than or equal to $1 million, the payout will be distributed immediately. If the bounty is worth more than $1 million, $1 million will be paid up front, and the remainder will unlock linearly over 18 months after the initial $1 million payment is paid.
The following parameters will be used to calculate the price of ASTRO:
If a bug is found within seven days of Astroport’s launch, the price of ASTRO will be calculated as the Time-Weighted Average Price (TWAP) price in UST since launch. If a bug is found 1 week to 30 days after launch, the price of ASTRO will be the TWAP price in UST over the previous 7 days. If a bug is found 30 days+ after launch, the ASTRO price will be the TWAP price in UST over the previous 30 days.
As an adaptive Automated Market Maker (AMM) and Decentralized Exchange (DEX) built on Terra, Astroport has been coded from scratch in the Rust programming language. The protocol is committed to security and radical transparency, and this bug bounty will be the largest bug bounty in Immunefi’s history.
Immunefi protects more than $100 billion in user funds and is trusted by many of the biggest projects in DeFi including Chainlink, Nexus Mutual, Sushiswap and Synthetix. To date, it’s helped pay out more than $7.5 million in bounties including a $1.5 million payout to a single hacker who discovered a vulnerability on insurance platform ArmorFi.
To participate in the bug bounty or learn more, please visit ImmuneFi here: https://www.immunefi.com/bounty/astroport.
This article does not constitute investment advice. Before interacting with Astroport, review the project disclaimers here.
Follow Astroport on twitter to receive all of the latest transmissions from the fringes: https://twitter.com/astroport_fi.