Bug Bounty Program
The Penguin Finance bug bounty program is an incentive system rewarding white-hat hackers for helping us identify bugs that would result in the loss of user funds, either by direct draining of funds or manipulation of the website's source code to force the user to sign a malicious transaction. Smart Contracts and Blockchain*
Level
Critical
15% of VAR, up to $70,000 USD
High
$20,000 USD
Medium
$10,000 USD
Low
$3,000 USD
*All bug reports must include a Proof of Concept demonstrating how the vulnerability can be exploited to be eligible for a reward. This may be a smart contract itself or a transaction.
Website and Apps
Level
Critical*
$5,500 USD
High
$3,250 USD
Medium
$1,200 USD
*XSS reports are restricted to those that have an impact of prompting a user to sign a transaction or a redirect.
All payouts are done by the Penguin Finance team and are pegged to the USD values set here and are payable in PEFI or DAI.
To report a bug, message @pefidev or @codypefi on Telegram.
Last modified 2mo ago
Copy link