Bancor has announced the launch of its Bancor V2 Bug Bounty as the launch of version 2 of the Bancor Protocol approaches.
The Bancor V2 Bug bounty program invites community members to take a look into its code and report for any vulnerabilities if they find any.
As the launch of #BancorV2 approaches, we are excited to announce the open-sourcing of Bancor V2 contracts with a public bug bounty. 💰 Bounty: https://t.co/xyZVQdWnYT 📃 Docs: https://t.co/xuWTPQQvMr ⚙️ Dynamic Automated Market Makers (DAMMs) Explained: https://t.co/4BgqQ9tycP pic.twitter.com/3n2dNVrAmh — Bancor (@Bancor) July 17, 2020
The code for Bancor V2 smart contracts was released on July 17. Community members will be incentivized if they are able to detect any bugs just before the launch.
Bancor’s Version 2 smart contracts features improvements in comparison to the previous one helping both its users and liquidity providers of the protocol.
While third-party audits are also ongoing, the bounty ensures that maximum parties scrutinize to search for vulnerabilities.
Severity of bugs will be assessed under the CVSS Risk Rating.
Awards for bugs discovered July 16–30 2020:
Critical (9.0–10.0): Up to $54,000
High (7.0–8.9): Up to $14,400
Medium (4.0–6.9): Up to $4,800
Low (0.1–3.9): Up to $1,800
Awards for bugs discovered after 12:00AM GMT July 30 2020:
Critical (9.0–10.0): Up to $45,000
High (7.0–8.9): Up to $12,000
Medium (4.0–6.9): Up to $4,000
Low (0.1–3.9): Up to $1,500
Rewards will be based on the impact of the discovered vulnerability as well as the level of difficulty in reproducing the vulnerability.
Moreover, Bancor also listed down certain conditions that are not within the scope of the bounty program, such as:
Bugs in any third party contract or platform that interacts with Bancor V2
Any previously reported or known bugs
Vulnerabilities already reported and/or discovered in contracts built by third parties on Bancor V2