PowerPool
  • powerpool overview
    • PowerPool
      • PowerPool DAO Story
      • Value Proposition
      • Use Cases
      • CVP Token
      • Vision 2027
    • Blockchain Automation
      • Glossary
    • PowerAgent Stats
    • How to contribute
    • Contracts and Links
  • Power Agent
    • 🎯PowerAgent features
    • 🏛️Architecture
      • ℹ️Agent
      • ℹ️Keeper
      • ℹ️Job
        • Full Specification
    • 📜User Guides and Instructions
      • ❓I Want to Automate my Tasks
        • Job Registration Guide
      • ❓I Want to Become a Keeper
    • ℹ️Scenarios
    • ⌛Old Pages
      • Installation Guide (Old)
        • Prerequisites
        • DAppNode Installation
        • Registering in PowerAgent
        • Installing PowerAgent Package on DAppNode
        • Standalone Installation
        • Chain-specific configs
      • Keeper (Old)
        • Keeper Registration and Update
        • Keeper staking, withdrawal, and deactivation
          • Keeper activation and deactivation in PPAgentV2RANDAO
        • Keeper assignment and release in RanDAO realisation
      • Job (Old)
        • Job Registration & Update
        • Job funds deposition and withdrawal
      • Agent (old)
        • Page
        • Execution
      • Technical Implementation (Old)
        • Hooks and helper functions
        • Errors
        • Modifiers
          • Flags
      • Job Registration Guide (Old)
      • 📑Testnet Rules
      • Slashing
        • Copy of Slashing
      • Task Reward and Gas Compensation
        • Fees and income sources
        • Copy of Task Reward and Gas Compensation
  • PowerPool Incentives
    • PowerPool Points Program
  • Security
    • Bug Bounty
    • Security Audits
  • Research
    • Automation Networks Research
      • Approaches on Keeper Selection
      • On-chain Random Number Generation
      • Keeper Weighing
      • 🌊PowerPool & PowerAgent Automation Network
      • Value Proposition-PowerPool
    • PowerAgent v2.1
      • Keeper Selection
      • Hooks
  • Resources
    • Website
    • Twitter
    • Medium
    • Discord
    • Github
    • Telegram
    • Governance Voting
    • Governance Forum
  • Legacy & Deprecated
    • Index Products
      • $YLA: Yearn Lazy Ape
        • Invest (ZAP) in YLA with low fees
        • Instant YLA mint via USDC
        • $CVP Boost Program
        • Redeem YLA
        • YLA Onsen Liquidity Mining [deprecated]
      • $BSCDEFI: BSC DeFi Pool/Index
        • Guide: Mint $BSCDEFI with $BNB
        • Guide: Multi-Asset $BSCDEFI Mint
        • Guide: PancakeSwap LM Farming
        • Add $BSCDEFI to MetaMask.
        • Redeem $BSCDEFI
      • $ASSY: Aave, SushiSwap, Synthetix, and Yearn Index
        • $CVP Boost Program
        • Underlying Token Staking
      • $PIPT: PowerIndex Pool
      • $YETI: Yearn Ecosystem Index
      • Market Price vs Fair Value
      • About ZAP
    • CVP reward program
      • How to create a DCA flow in Partitura
Powered by GitBook
On this page
  • Requirements
  • Rewards for responsible disclosure

Was this helpful?

  1. Security

Bug Bounty

PreviousPowerPool Points ProgramNextSecurity Audits

Last updated 4 years ago

Was this helpful?

Requirements

Disclosure must be made privately directly to the PowerPool team (e.g. by emailing to )

The bug must not be exploited by the discloser except possibly for negligible amounts (and only if this is required to demonstrate the exploit)

The discloser must not reveal the exploit to anybody except the PowerPool team until the PowerPool team have addressed the exploit.

All disclosures must include detailed steps on how to perform the exploit.

Only the first discloser of a particular bug is eligible for a reward, although the PowerPool team may reward subsequent disclosures if they either provide additional information above the first report, or the bug is particularly severe, at the PowerPool team’s discretion.

Rewards for responsible disclosure

Exploits are divided into categories at the PowerPool team’s discretion.

Note

Exploit with minimal real impact, e.g. cosmetic issues. 50 - 250 CVP

Minor

Minor impact, e.g. exploits affecting functionality of the products, ability to vote, withdraw, etc. 250 - 1,000 CVP

Major

Exploits which can be used to access or take money that a user is not entitled to, e.g. exploits which can be used to mint additional tokens without providing the requisite inputs. 1,000 - 10,000 CVP

Critical

Critical exploits, e.g. the recent bug that in one of our smart contracts. 10,000 - 50,000 CVP[*]

Bug bounty rewards are not vested owing to their importance.

info@powerpool.finance