The Oasis Foundation today launches a $100,000 bug bounty hosted on Immunefi, the leading bug bounty platform for Web3. Immunefi has contracted with the Oasis Foundation’s engineering team as technical experts to review and qualify valid bug reports.
Based on an agreement approved by both organizations in early February, the Oasis Foundation is launching a bug bounty program today to discover and mitigate potential security vulnerabilities. Researchers who participate in submitting valid reports through the bounty program can receive a maximum payout of up to $100,000 for critical security vulnerabilities, starting from:
- $1,000 for medium-severity protocol vulnerabilities;
- $10,000 for high-severity vulnerabilities;
- Between $10,000 to $100,000 for critical-severity vulnerabilities.
“We at Immunefi have a long track record of successful security services for Web3 technology teams, and we look forward to working with the Oasis Foundation team in supporting their continuous vigilance in protecting against evolving security threats in our industry,” said Sajjad Rehman, Vice President of Revenue at Immunefi.
For critical-security vulnerability reports submitted on the Oasis protocol, the offered reward amount is 10% of the funds directly affected by the bug and capped at the maximum critical-severity reward of $100,000. However, a minimum reward of $10,000 is also to be rewarded in order to incentivize security researchers against withholding on a bug report. Researchers can also submit critical-severity vulnerability reports on Oasis website and applications for a maximum reward of $10,000. Payouts for valid reports are handled by the Oasis team directly.
“Strong incentives are an important part of strong security, and we believe that a bug bounty program is a crucial element of our multifaceted support for safeguarding the Oasis Network,” said Jernej Kos, Director of the Oasis Foundation. “By launching the bug bounty program with Immunefi, we are taking another important step in strengthening the global Oasis ecosystem against potential vulnerabilities to ensure the long-term safety and durability of Oasis.”