How do we set up our vault?
To set up a vault, simply follow the instructions outlined in this help center article. If, at any point, you have additional questions or require assistance, please use this form to request help from our Customer Experience team.
How do we know that the assets stored within our vault are safe?
Our Vaults System is built using the Safe multisig smart contract. It’s one of the most battle-tested contracts in the industry, trusted with billions of funds. The system has also been audited internally, externally, and we have a fully transparent bug bounty program.
- Smart Contracts Audited and Verified: https://github.com/immunefi-team/vaults?utm_source=immunefi
Who can interact with our vault?
All admins of a BBP who have access to the vault’s owner wallet address can initiate a reward payment through Immunefi’s UI. This will generate a transaction that has to be signed by the vault’s owner wallet address. This owner address can be either an EOA wallet (such as metamask) or a multisig wallet. Immunefi suggests that a vault’s owner address should always be set up using a multisig wallet (e.g. Safe multisig).
Anyone can deposit funds into a vault.
Should goodwill payments be sent from our vault?
If you are using the Vaults System, then all payments, including goodwill payments, must be sent to whitehats via your vault. As with regular vault payments, Immunefi's 10% fee will automatically be added to the total amount.
Can we use our vault to make vested payments?
No, the vaults system does not support vested payments.
Will we be automatically invoiced?
No. If you would like an invoice, you can reach out via your project’s Telegram group with Immunefi to request one.
How much should we deposit into our vault? Is there a minimum/maximum amount?
The minimum deposit required to start using your vault is 5x your minimum reward. The maximum at this time is the equivalent of $1 million USD.
Do we have to pay-in to get a vault?
No, vaults are free to use, and there is no specific charge for using vaults. However, you will still have to pay the normal 10% Immunefi fee when paying out rewards using a vault. The fee payment is automatically included when you process a payment using a vault.
Which tokens can we deposit in our vault?
You can deposit stablecoins, ETH, or any other asset on the Uniswap Token Lists.
How do we send a reward using our vault?
When the status of the report is set to ‘Confirmed’ you have the ability to send a reward. To do so, click on the action tab at the bottom of the report page and select ‘Payout’. Once this is done, the vault window will open up and you will be able to select assets from the vault, and then send the assets as a reward on-chain. The 10% Immunefi fee will be automatically added to the amount and split by the system in one single transaction.
We already use Gnosis Safe. Why do we need to create a vault on Immunefi?
Unlike a personal Gnosis Safe, a vault on Immunefi is visible to whitehats within the UI on our platform. When whitehats see a vault with significant assets, they are incentivized to hunt bugs for that program.
Why is a multisig on Gnosis Safe required to set up a vault? How can I set one up?
It’s not strictly required, but it is highly recommended. Multisignature wallets require more than one private key, and they add a layer of security to cryptocurrency asset storage. For how to set it up, please see Safe’s documentation here.
If you need additional assistance, please contact us.
What is an owner wallet address?
The owner wallet address is the only address that can issue payments and withdrawals from the vault. It can be any wallet address you provide, but it should be owned by your admins. You will be explicitly required to provide an owner wallet address during the ‘Connect wallet’ step in the vault creation phase.
You have two different ways to provide a owner wallet address:
- Use the same address connected: the owner wallet address will be also used to pay the fees in order to deploy the vault;
- Use a different address than the one connected: pay the fees with the connected wallet in order to deploy the vault and then connect to the owner wallet address to access and interact with the vault.
Is setting up a vault required to set up a bug bounty program on Immunefi?
No. Vaults is a feature designed to improve the experience of projects and whitehats on our platform, but it is optional at this time. However, we do recommend that all projects set up a vault.
We already have an established brand name. Why do we need to use a vault to gain more trust from whitehats?
Many whitehats have had bad experiences with projects, even ones that are well-known in the community. A bad experience with one project may discourage whitehats from hunting on other projects. Therefore, the more you can do to build trust with whitehats, the more likely you are to have whitehats working to protect your assets. Every project can always use more trust, as it could be the difference between an elite whitehat spending time on your program and reporting a critical severity vulnerability—or not.
Depositing assets into an Immunefi vault is a great way to demonstrate your trustworthiness, which helps to ensure the well-being of your project.
Does Immunefi plan to include yield generation in the Vaults System?
The Vaults System is a major step towards developing the ultimate bug bounty platform. Our development philosophy is to release updates and features one at a time so that we can ensure the structural integrity of our platform. We plan to investigate the possibility of including yield generation as part of that process.
Comments
0 comments
Article is closed for comments.