In June, we invited select researchers to a private version of the bug bounty program. Today, we announce the public version, which will progress in iterations as we near the launch of MCD:
- The scope of assets will increase, and assets already in scope may also receive minor updates.
- Bug bounty amounts will increase.
The initial scope is a selection of MCD smart contracts as deployed on Ethereum Kovan testnet; more assets will be added toward MCD launch. The scope may also expand to include web applications, tools, etc.
For this iteration of the program, we will award $50,000 for discovery of a bug classified as Critical, in addition to smaller rewards for High-, Medium-, and Low-severity bugs.
The program is planned to continue indefinitely after the launch of MCD.
To learn more and participate as a researcher, please visit the HackerOne program page.