Whitehat Reward Pool Size

The reward pool is $25,000 USD and will be fully distributed among whitehat participants in the form of USDC.

Reward Pool Distribution

The rewards pool is partly distributed with the following formula, and partly at Immunefi’s discretion. The main purpose of a Mitigation Audit is to reward vulnerabilities, exploiting the fixes of the original Audit Competition. 

The portion of the reward pool is to reward high-quality whitehat contributions, such as valuable but technically invalid bug reports which are called Insights. More information about Insight reports can be found in this Help Center article.

The reward pool size for Mitigation Audit | Folks Finance is $25,000 USD. If no bugs or only Insights are found, the reward pool will be - 10% of the largest reward pool ($2,500 USD).

For this Audit, duplicates are valid for a reward. 

Distribution Formula:

A whitehat’s portion of the rewards pool is equivalent to their percentage of all whitehat points earned.

Whitehat_A_RewardsPoolPortion = (Whitehat_A_Points / AllWhitehatsPoints) * (RewardsPool)

Whitehat points are earned based on the severity of each bug found, in a Sybil-resistant manner. Bonus points are awarded to the chief finder of each bug.

The chief finder of a bug is the first person to prove the highest severity level of it. This mechanic exists to incentivize submitting bugs sooner without compromising on proving the bug’s impact.

For example, if two people submit the same bug demonstrating a severity of High, then whoever submitted it first would be the chief finder. But if one of those two people demonstrated a severity of Critical, then they’d be the chief finder even if they didn’t submit it first.

CriticalBugPoints = 32.4 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders

ChiefFinder_CriticalBugBonus = 7.2 * (0.9 ^ (NumberOfFinders - 1))

HighBugPoints = 8.1 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders

ChiefFinder_HighBugBonus = 1.8 * (0.9 ^ (NumberOfFinders - 1))

MediumBugPoints = 2.7 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders

ChiefFinder_MediumBugBonus = 0.6 * (0.9 ^ (NumberOfFinders - 1))

LowBugPoints = 0.9 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders

ChiefFinder_LowBugBonus = 0.2 * (0.9 ^ (NumberOfFinders - 1))

Final Notes

• Whitehats may provide more info to upgrade the severity of their bug reports until the Audit ends.

• If a bug found during the event requires an immediate fix then that bug will be considered a publicly known issue as soon as the fix is deployed. Future submissions of the same bug will be considered invalid. 

• Rewards will be distributed all at once after the Audit has ended. No rewards are distributed during the Audit.

• Mitigation Audit reward distribution terms may change at Immunefi’s discretion to prevent unintended results and abuse by not-so-whitehats.