Bug Bounty Program
Last updated
Last updated
Punk contributors place great value on maintaining high standards of user security. So, we operate a bug bounty program and will continue to strengthen the safe ecosystem and security. We need detailed analysis by Punkers, security engineers, and hackers. We give up to $50,000 in rewards depending on the severity level of the vulnerability for discovering potential security attacks or errors that could harm users.
The bug bounty will be applicable for the following repositories, sources, and sites: https://github.com/PunkFinance
Rewards are paid according to five severity levels and the likelihood of occurrence. The determination of all terms and conditions relating to bounty reward is at the sole discretion of the core developer of PUNK. Please refer to the reward system below.
Please submit your findings of the vulnerability to team@punk.finance.
When writing a bug report, please be as specific and clear as possible. The report will be great to include the following.
Vulnerability
The ways to find a vulnerability
Code for reproducing bugs
A description of what the vulnerability could pose as a security threat.
Screenshots
Submitter information (name, email address, wallet address)
Duplicate vulnerability (reward to the first submitter)
Reported by an official audit
Disclosing vulnerabilities to others in public places
Employees and businesses closely related to PUNK
Severity
Reward
Critical
$20,000 - $50,000
High
$10,000 - $20,000
Medium
$5,000 - $10,000
Low
$1,000 - $5,000
Note
$0 - $1,000