Whitehat Reward Pool
Rewards are denominated in USD and distributed in a stablecoin.
Rewards are distributed all at once after the contest has ended. No rewards are distributed during the contest.
The reward pool size is determined by the greatest condition met. If multiple conditions are met only the largest reward pool applies.
Shardeum’s Audit Competition
- If one or more Critical severity bugs are found, the reward pool will be 100% of the respective reward pool, $150,000 USD
- If one or more High severity bugs are found, the reward pool will be 75% of the respective reward pool, $112,500 USD
- If one or more Medium severity bugs are found, the reward pool will be 50% of the respective reward pool, $75,000 USD
- If Low severity bugs or no bugs are found, the reward pool will be 25% of the respective reward pool, $37,500 USD
More information about severities and Insight reports can be found in Immunefi's Severity Classification System.
Private known issues will unlock higher reward pools according to their severity level without any downgrade. For example, a Critical severity bug which was a private known issue would unlock the reward pool conditional on a Critical severity bug being found.
Public known issues are invalid as normal.
Reward Pool Distribution Formula
Whitehat rewards are earned based on the severity of each bug found, in a Sybil-resistant manner.
The chief finder of each bug earns bonus points (worth 10% of that bug’s rewards). The chief finder is the first person to prove the greatest severity level of the bug.
LowBugPoints = 0.9 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders
ChiefFinder_LowBugBonus = 0.1 * (0.9 ^ (NumberOfFinders - 1))
MediumBugPoints = 2.7 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders
ChiefFinder_MediumBugBonus = 0.3 * (0.9 ^ (NumberOfFinders - 1))
HighBugPoints = 8.1 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders
ChiefFinder_HighBugBonus = 0.9 * (0.9 ^ (NumberOfFinders - 1))
CriticalBugPoints = 32.4 * (0.9 ^ (NumberOfFinders - 1)) / NumberOfFinders
ChiefFinder_CriticalBugBonus = 3.6 * (0.9 ^ (NumberOfFinders - 1))
A whitehat’s portion of the reward pool is equivalent to their percentage of all whitehat points earned.
Whitehat_A_RewardPoolPortion = (Whitehat_A_Points / AllWhitehatsPoints) * (RewardPool)
More information about severities and Insight reports can be found in Immunefi's Severity Classification System.
Rewards for Insight Reports
If a Critical, High, or Medium severity bug is found then 10% of the reward pool is distributed to Insights. The remaining 90% is distributed according to the reward pool distribution formula.
If only Low severity bugs and/or Insights are found, then the reward pool is distributed at Immunefi’s discretion.
Duplicates of Insight reports are not eligible for a reward.
Final Notes
- Whitehats may provide more info to upgrade the severity of their bug reports until the Audit Competition ends.
- If a bug found during the event requires an immediate fix, it will be considered a publicly known issue as soon as the fix is deployed. Future submissions of the same bug will be considered invalid.
- Rewards will be distributed all at once after the Boost has ended. No rewards are distributed during the Audit Competition.
- Audit Competition reward distribution terms may change at Immunefi’s discretion to prevent unintended results and abuse by not-so-whitehats.
Comments
0 comments
Article is closed for comments.