Back

Flare & Immunefi launch a comprehensive bug bounty program

A new comprehensive bug bounty program is now live on Flare, powered by Immunefi, web3’s largest bug bounty platform.

To date, Immunefi actively protects $60 billion of funds, has prevented $25 billion in potential damages from hacks, and has paid $100 million in bounty rewards. The Immunefi program demonstrates Flare’s continued commitment to keeping the network, its builders, and its users secure.

Bug Bounty Program Key Points

Security has always been a top priority to Flare, and this is reflected in each aspect of the bug bounty program.

  • Max Bounty of USD 250,000.
  • No KYC required.
  • Rewards distributed in FLR.
  • Rewards based on threat level.
  • Scope of program includes Blockchain/DLT, Smart Contract, Web/App.
  • Scope will update regularly to include new products and assets.

Note that as more technical assets and products are added to the scope, the maximum bounty prize may increase as well.

Rewards Structure & Incentives

The bug bounty program invites and incentivizes both the Immunefi SR community and larger whitehat community to play a significant role in keeping the network secure. The amount in rewards will depend on the severity and threat level of the reported vulnerabilities, based on the Immunefi Vulnerability Severity Classification System V2.3.

Note that there are conditions, limitations, and circumstances that need to be met for bug bounty rewards. Please refer to the Bug Bounty Program documentation for a detailed breakdown of bug categories, rewards structure, reward amounts, and incentives.

Expanding The Network

In addition to the added safeguards enabled by Immunefi’s security researcher (SR) community, this integration will also drive awareness of Flare’s dynamic ecosystem and use cases to Immunefi’s SR community. In offering attractive rewards for identifying security vulnerabilities, it is Flare’s goal to further strengthen the integrity of the growing ecosystem on the blockchain for data.