The whitehat score measures a whitehat's effectiveness relative to other whitehats. It takes into account: 1) the number and severity of paid reports, and 2) earnings received by all whitehats.
Data is tabulated daily, normalized to the highest values, and used to calculate individual whitehat scores. The whitehat leaderboard is then ranked by the highest scores.
Leaderboards
Immunefi uses different leaderboards, each representing a different time range. We call these time ranges "scopes."
Currently, we have these scopes:
- All time
- Last 90 days
- Yearly scopes, one for each year since 2022
Each whitehat has an independent score in each leaderboard. This means you may have scored 300 points in 2023 but have 250 points in the all-time leaderboard. There's a good reason for this, which we hope will become clear.
The most important thing is this: having different independent leaderboar ds keeps Immunefi a place where newcomers and veterans can share the glory of being in the top ranks.
Scoring
The score is computed from two factors:
- The amount paid out in rewards
- The severity of those paid reports
In other words, the higher the reward, the higher the score. And the more severe your reports are, the higher your score, too!
That said, there's a maximum score anyone can reach: 1,000 points. This begs the question, how can I achieve 1,000 points? The explanation is simple, but achieving it isn't easy. To get 1,000 points in a leaderboard, be the whitehat with both the highest amount of rewards paid out AND the highest number of critical reports!
Examples
Example 1: 0xHyliaHacker's All-Time Score
0xHyliaHacker has been participating in Immunefi for several years. Her achievements include:
Total earnings: $14,500,000
Number of paid reports: 20
Severity breakdown:
- Critical: 3
- High: 7
- Medium: 10
In the all-time leaderboard, 0xHyliaHacker's earnings are the highest among all participants, giving her a perfect score in that category. However, another whitehat, GanonSec, has submitted 5 critical reports, which is the highest number in the report severity category.
0xHyliaHacker's score calculation comes down to 955. Impressive!
0xHyliaHacker still ranks #1 on the all-time leaderboard but doesn't achieve the perfect 1,000 points due to having fewer critical reports than GanonSec.
Example 2: LinkCipher's 90-Day Performance
LinkCipher is a newcomer who has made significant contributions in the last 90 days:
Total earnings in the last 90 days: $1,200,000
Number of paid reports: 10
Severity breakdown:
- Critical: 4
- High: 4
- Medium: 2
LinkCipher's performance is the best over the last 90 days. His earnings are the highest, and he has submitted the most critical vulnerabilities during this period. He has a perfect score of 1,000.
Although 0xHyliaHacker ranks high in the all-time leaderboard, her recent activity has been lower compared to other whitehats.
Notice how LinkCipher has 1,000 points in the 90-day leaderboard but not in the all-time leaderboard. In fact, in the all-time leaderboard, LinkCipher ranks in position #15. Still great!
This example illustrates how the 90-day leaderboard allows newer or currently active whitehats like LinkCipher to shine, even if they haven't accumulated as much total earnings as long-term contributors. It also shows how a whitehat like 0xHyliaHacker, who ranks high in the all-time leaderboard, might have a lower rank in the short-term leaderboard if their recent activity has been less intense.
The separate leaderboards ensure that both consistent long-term contributors and highly active newer participants can be recognized for their efforts.
Comments
0 comments
Article is closed for comments.