Bug Bounty Program

The xBacked protocol will under go an audit prior to launching on main net. This does not guarantee a flawless protocol, and if you have found a vulnerability, please discretely contact the development team via the "#report-bugs" Discord channel, or contact tech \@/ xbacked.io
We will ensure those who disclose vulnerabilities to us are compensated well, because protecting users' funds is critical to our mission and maintaining trust within the ecosystem.
Scope & Payouts
Scope: Web App & Servers
If you discover any security bugs within our web app, or within server configuration or anything else that is not smart contracts we use the Bugcrowd Vulnerability Rating Taxonomy. These pay outs are subject to change over time, and outline the maximum pay out for the technical severity.
Level
Payout
P1
$1500+ USD (depending on severity and impact)
P2
Up to $750
Scope: Smart contracts
If you find a bug or exploit in our smart contracts, and disclose is responsibly, we will pay out the following levels. Over time as the TVL of the protocol grows, so will these pay out scales. We use the Immunefi Vulnerability Classification System to classify smart contract bugs.
Level
Payout
Critical (funds can be drained)
Up to $100,000 USD
High
Up to $20000
Medium
Up to $5000
Low
Up to $1000

Level	Payout
P1	$1500+ USD (depending on severity and impact)
P2	Up to $750

Level	Payout
Critical (funds can be drained)	Up to $100,000 USD
High	Up to $20000
Medium	Up to $5000
Low	Up to $1000

Last modified 4mo ago