Security

Bug Bounty Program

Threshold Network has a .

The details for the Bug Bounty are maintained and updated at the . There you can explore the assets in scope of the Bounty and the different rewards by threat level. As a guide, the initial bounty program launched with the following rewards according to the severity of the threats found:

Smart Contracts

• Critical Level: USD $100,000 to USD $500,000

• High Level: USD $10,000 to USD $50,000

• Medium Level: USD $1,000 to USD $5,000

• Low Level: USD $1,000

Websites and Applications

• Critical Level: USD $10,000 to USD $25,000

• High Level: USD $1,000 to USD $10,000

• Medium Level: USD $1,000

A great place to begin your research is by working on our testnet. Please see our to get started. We ask that you please respect network machines and their owners. If you find a vulnerability that you suspect has given you access to a machine against the owner's permission, stop what you're doing and create a report using the immunefi dashboard for researchers.

Rewards are distributed according to the impact of the vulnerability based on the . This is a simplified 4-level scale, with separate scales for websites/apps, smart contracts, and blockchains/DLTs, focusing on the impact of the vulnerability reported.

Reporting a Vulnerability Not Covered by the Bug Bounty Program

Threshold DAO will try to make an initial assessment of a bug's relevance, severity, and exploitability, and communicate this back to the reporter. The Threshold DAO will compensate findings on a case-by-case basis. We value security researchers and we encourage you to contact us to discuss your findings.

We also ask all researchers to please submit their reports in English.