• Solutions
  • Developers
  • Blockchains
  • Blog
Wormholescan
Subscribe

Subscribe for updates

Subscribe to the Wormhole newsletter for exclusive updates.

Use Multichain Apps

Products

MessagingQueriesConnectNTTGateway

2024 Ⓒ Wormhole. All Rights Reserved.

11 Feb 2022

2 min read

Wormhole launches Bug Bounty Program on Immunefi with $10 million reward for critical bugs

Share:

We believe it is vital to motivate white hats to help keep the ecosystem secure. That’s why we are now offering the crypto industry’s largest bounty for critical attacks — $10 Million.

Our bug bounty program provides users with an additional level of security and shows our long-term commitment to making the Wormhole protocol and the greater DeFi ecosystem more secure.

If you find a bug, report it here:(https://www.immunefi.com/bounty/wormhole)

What is covered?

The bug bounty program covers smart contracts, web UI, guardian nodes, and Wormhole integrations. Its focus is on preventing:

  • Exploits resulting in the locking, loss, or theft of user funds.
  • General forging of unverified data or validation of forged messages.
  • Determinism bugs that could lead to inconsistent bridge states.
  • Governance manipulation.
  • Exposure of infrastructure private keys and/or PII.
  • Vulnerabilities in the node operating software resulting in invalid behavior.
  • Remote code execution.
  • Bugs that can facilitate Sybil attacks.

Rewards

Rewards are distributed according to the impact of the vulnerability and are based on the Immunefi Vulnerability Severity Classification System. This is a simplified 5-level scale, with separate scales for websites/apps and smart contracts/blockchains. It encompasses everything from consequence of exploitation to privilege required, as well as likelihood of a successful exploit.

Smart Contracts and Blockchain

  • Critical Up to $10,000,000
  • High $100,000
  • Medium $10,000
  • Low $2,500

Websites and Applications

  • Critical $50,000
  • High $10,000
  • Medium $5,000
  • Low $1,000

About Immunefi

Immunefi is the premier bug bounty platform for smart contracts and DeFi projects. It’s where security researchers review code, disclose vulnerabilities, and make crypto safer for all participants.

Because bug bounty programs allow security researchers to discover and disclose potential vulnerabilities in smart contracts and applications, the programs protect projects and their users. Security researchers are rewarded based on the severity of the vulnerability they discover, as determined by the project affected.

About Wormhole

Wormhole is a generic message passing protocol that connects high value blockchains together. Its applications leverage the core messaging layer to facilitate interoperability between ecosystems. Secured by 19 guardians, developers leverage the protocol to send arbitrary data cross-chain including tokens, NFTs, oracle data, governance decisions, and more. Recent implementations of Wormhole include the Portal bridge and NFT bridge, which allow for seamless asset transfers across supported chains. Wormhole is currently connected to Solana, Terra, Ethereum, Binance Smart Chain, Polygon, Avalanche, and Oasis. Its design — which is easily extensible and upgradable — allows for quick consensus, connects more chains, and enables developers to build on top of Wormhole easily.

Stay up to date with the latest news

Here’s your chance to get in on this one.

Discover More

Take a deep dive into our ever-evolving discussion on xChain technologies, new feature announcements, research, and more.

Introducing Native Token Transfers: A new open framework for making any token natively multichain

Introducing Native Token Transfers: A new open framework for making any token natively multichain

29 Feb 2024

4 min read

Wormhole is leading the way in blockchain interoperability, focusing on creating resilient, future-proof decentralized systems that prioritize ownership, control, and permissionles...

29 Feb 2024

4 min read

Subscribe for updates

Subscribe to the Wormhole newsletter for exclusive updates.

Products

MessagingConnectGateway

About

Terms of UsePrivacy Policy

2024 Ⓒ Wormhole. All Rights Reserved.