Bug Bounty Program
The xBacked protocol will under go an audit prior to launching on main net. This does not guarantee a flawless protocol, and if you have found a vulnerability, please discretely contact the development team via the "#report-bugs" Discord channel, or contact tech \@/ xbacked.io
We will ensure those who disclose vulnerabilities to us are compensated well, because protecting users' funds is critical to our mission and maintaining trust within the ecosystem.
If you discover any security bugs within our web app, or within server configuration or anything else that is not smart contracts we use the Bugcrowd Vulnerability Rating Taxonomy. These pay outs are subject to change over time, and outline the maximum pay out for the technical severity.
Level | Payout |
|---|---|
P1 | $1500+ USD (depending on severity and impact) |
P2 | Up to $750 |
P3 | Up to $500 |
P4 | Up to $250 |
If you find a bug or exploit in our smart contracts, and disclose is responsibly, we will pay out the following levels. Over time as the TVL of the protocol grows, so will these pay out scales. We use the Immunefi Vulnerability Classification System to classify smart contract bugs.
Level | Payout |
|---|---|
Critical (funds can be drained) | Up to $100,000 USD |
High | Up to $20000 |
Medium | Up to $5000 |
Low | Up to $1000 |
Last modified 5mo ago