This bounty is for PoolTogether V5, which will be launched mid-April 2024. Links will be added when the code is ready and this notice will be removed.
We value contributions from the community to strengthen the security of the core protocol. We want to reward any hackers in good faith who report vulnerabilities.
The scope of this bounty includes the PoolTogether Protocol core smart contracts. The determination of the bug severity will be made by the bounties team.
Payouts will be as follows:
Critical: $11,363 - $22,727
High: $2272 - $4545
Medium: $500 - $909 USDC
Requirements:
The issue must be previously unreported, non-public vulnerability.
include enough detail for us to identify and reproduce the problem
Affect any core contracts that have been previously audited
Please send an email to hello@pooltogether.com AND reach out to Brendan on Discord to safely disclose vulnerabilities.
We determine the severity of an issue according to the ImmuneFi Vulnerability Classification
Determinations of eligibility and all terms related to this award are at the sole and final discretion of the reviewer.