The 2PI Network bug bounty program is focused around our smart contracts, websites, and apps with a primary interest in the prevention of loss of user funds.
Smart Contracts and Blockchain*
| Level | |
|---|---|
| Critical | up to USD $50,000 |
| High | up to USD $25,000 |
| Medium | up to USD $10,000 |
| Low | up to USD $2,000 |
*All bug reports must include a Proof of Concept demonstrating how the vulnerability can be exploited to be eligible for a reward. This may be a smart contract itself or a transaction.
Website and Apps
| Level | |
|---|---|
| Critical* | up to USD $15,000 |
*XSS reports are restricted to those that have an impact of prompting a user to sign a transaction or a redirect.
All payouts are done by the 2PI Network team and are pegged to the USD values set here and are payable in DAI.