# Bug Bounty ### Requirements Disclosure must be made privately directly to the PowerPool team (e.g. by emailing to ) The bug must not be exploited by the discloser except possibly for negligible amounts (and only if this is required to demonstrate the exploit) The discloser must not reveal the exploit to anybody except the PowerPool team until the PowerPool team have addressed the exploit. All disclosures must include detailed steps on how to perform the exploit. Only the first discloser of a particular bug is eligible for a reward, although the PowerPool team may reward subsequent disclosures if they either provide additional information above the first report, or the bug is particularly severe, at the PowerPool team’s discretion. ### Rewards for responsible disclosure Exploits are divided into categories at the PowerPool team’s discretion. #### Note Exploit with minimal real impact, e.g. cosmetic issues. 50 - 250 CVP #### Minor Minor impact, e.g. exploits affecting functionality of the products, ability to vote, withdraw, etc. 250 - 1,000 CVP #### Major Exploits which can be used to access or take money that a user is not entitled to, e.g. exploits which can be used to mint additional tokens without providing the requisite inputs. 1,000 - 10,000 CVP #### Critical Critical exploits, e.g. the recent bug that in one of our smart contracts. 10,000 - 50,000 CVP\[\*] Bug bounty rewards are not vested owing to their importance. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.powerpool.finance/powerpool-and-poweragent-network/security/bug-bounty.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.