Summary
As a security researcher, you may wonder where Immunefi stands when making rules, mediating bug reports, or resolving conflicts between security researchers and projects. Answering this question is essential, as Immunefi’s goal is to make web3 safe for everyone.
To serve effectively as a mediator between security researchers and projects, Immunefi needs to be trustworthy and unbiased. Immunefi’s rules and mediation practices are designed to ensure that both parties are treated fairly and ethically. Ultimately, the aim of the platform is to create a safer web3 environment which requires aligning the incentives of security researchers & projects.
What incentivizes Immunefi to help security researchers who have a valid report?
Immunefi’s fee is an additional 10% on top of the payout that projects pay to security researchers. If security researchers don’t get paid for a bug report, neither does Immunefi. For valid reports, Immunefi will advocate strongly for the security researcher to be rewarded, even if the amount is small.
How do I know that Immunefi will not be biased against me (security researcher or project)?
Immunefi as a platform is incentivized to maintain a fair marketplace for security researchers and projects. Over the long-term, having a fair and trustworthy marketplace encourages more transactions than one that is biased and deceptive. Being fair and objective to all parties in our mediations is how we’ve built the biggest and best bug bounty platform in web3. This is the way.
Does Immunefi take action against unfair/unethical practices by both security researchers and projects?
Yes. Immunefi bans projects and security researchers for breaking the rules. Neither are exempt from following the rules and professional standards of the platform.
Comments
0 comments
Article is closed for comments.