Bug Bounty Program

In June, we invited select researchers to a private version of the bug bounty program. Today, we announce the public version, which will progress in iterations as we near the launch of MCD:

  • The scope of assets will increase, and assets already in scope may also receive minor updates.
  • Bug bounty amounts will increase.

The initial scope is a selection of MCD smart contracts as deployed on Ethereum Kovan testnet; more assets will be added toward MCD launch. The scope may also expand to include web applications, tools, etc.

For this iteration of the program, we will award $50,000 for discovery of a bug classified as Critical, in addition to smaller rewards for High-, Medium-, and Low-severity bugs.

The program is planned to continue indefinitely after the launch of MCD.

To learn more and participate as a researcher, please visit the HackerOne program page.