February 5, 2024

Stacking DAO Bug Bounty Program with Immunefi

Stacking DAO is launching a bug bounty in collaboration with Immunefi to guarantee the protocol security and make it as safe as it can be.

The program will be live starting today; read on to learn how to submit a bug and vulnerability on one of our smart contracts.

TLDR

The bug bounty program is launching today
‍
You can report bugs and be rewarded on the Immunefi platform.
‍
Rewards are based on the severity of the bug detected

Background

Since its launch in late December, Stacking DAO growth has been phenomenal, soaring to a TVL of over $25 Million already.

Stacking DAO team has already invested in an audit with CoinFabrik to address bugs and secure the protocol smart contracts.

But security is a top priority for Stacking DAO, and for this reason, a bug bounty is being launched to involve developers and community members who contribute to the security of the protocol.

In this way, vulnerability and bug hunters can be rewarded for reports on risks concerning smart contracts and the website.

How do I submit a bug?

If you’ve found a bug, you can submit it on the Immunefi platform: https://www.immunefi.com/bounty/stackingdao/

Upon submission, the team will investigate the bug. If it is confirmed that it is an unknown bug, the team will issue your rewards.

The reward amount varies based on the severity level according to the Immunefi Vulnerability Severity Classification System V2.2.

Regarding the payouts, they will be carried out in USDC and, depending on the type and severity of the issue found:

Smart Contract Category: $20,000 — $100,000 for a critical bug and $1,000 — $20,000 for a highly relevant one
‍
Websites and Applications Category: $5,000 — $25,000 for critical bugs

How do I know if my bug is eligible to claim my rewards?

The bug bounty program impacts that are valid for rewards are listed on the Immunefi platform. All other impacts are not considered as in-scope.

Bug reports covering previously-discovered bugs are not eligible for the program. This means that any unfixed vulnerabilities mentioned in the CoinFabrik reports are not eligible for a reward.

Moreover, if more people submit the same bug, only the first person to report it will be eligible to claim its rewards. All bug reports must come with a Proof of Concept to be considered for a reward.

All the detailed rules are available on the Immunefi page: https://immunefi.com/bounty/thesandbox/

Stacking DAO Details:

‍Mint stSTX today and earn up to 10% yield on your STX: https://app.stackingdao.com/

Follow us on Twitter to always be up to date on Stacking DAO: https://twitter.com/StackingDao

For any questions or support, join our Telegram community: https://t.me/+0jPjegAOoMwyNTU0

The latest news, product updates, thought leadership, and more from the StackingDAO team.

Stacking DAO Cycle Update: Whales borrowing stSTX on Zest

Stacking DAO Cycle update is the perfect format for the community to explore the latest news and milestones.

Unlocking Bitcoin Liquidity: How sBTC Will Catalyze Stacks DeFi

Babylon and cbBTC unlocked around 30k BTC into DeFi. Let's expolre how sBTC can replicate similar success on Stacks with DeFi protocols ready to unlock Bitcoin yield.

Stacking DAO Cycle Update: $3.8M+ in Stacking rewards