Home Ended Ref Finance x Immunefi Bug Bounty

Ref Finance x Immunefi Bug Bounty

Add to Watchlist

Added to Watchlist

Reward pool

Not set

USDT, USDC, NEAR, wNEAR, REF

Expected profit

up to $250,000

USDT, USDC, NEAR, wNEAR, REF

Max participants

∞

No limit

DropsEarn score

Neutral

Normal, Low Risks

Details

Ref Finance is a community-led, multi-purpose DeFi platform built on NEAR Protocol. Ref takes full advantage of NEAR’s low fees, one-to-two second finality, and WebAssembly-based runtime (hello, Rust smart contracts!).

In addition to the advantages of being built on top of NEAR, Ref Finance provides:

Multiple pools in one contract
Atomic transactions
Customisable pool fee
Liquidity Aggregation across networks

For more information about Ref Finance, please visit https://www.ref.finance/.

Rewards by Threat Level

Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System V2.1. This is a simplified 5-level scale, with separate scales for websites/apps, smart contracts, and blockchains/DLTs, focusing on the impact of the vulnerability reported.

All web/app bug reports must come with a PoC with an end-effect impacting an asset-in-scope in order to be considered for a reward. Explanations and statements are not accepted as PoC and code is required. In addition, all bug reports must come with a suggestion for a fix in order to be considered for a reward.

Rewards for critical smart contract vulnerabilities are further capped at 10% of economic damage, with the main consideration being the funds affected in addition to PR and brand considerations, at the discretion of the team. However, there is a minimum reward of USD 50,000 for Critical smart contract bug reports.

Issues previously highlighted in the following audit report are considered as out of scope:

https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2Fh8mipVuJTakoLC6XmzfU%2FRef%20Finance%20Security%20Audit-1.pdf?alt=media&token=cf0398d1-97d5-4367-9776-07bc8e4c67ea

Payouts are handled by the Ref Finance team directly and are denominated in USD. However, payouts are done in USDT, USDC, NEAR, wNEAR or REF, at the discretion of the team.

Smart Contract

Links

About

Ref Finance with Immunefi has announced a bug bounty program with maximum reward $250.000 for critical threat level bug report.

Activity Type

Testing

Bug bounty

Tech

Bugs

Date

17 May 2022 03:00(UTC+3) - 17 Aug 2022 03:00(UTC+3)

Registration

Closed

When Reward:

None

Event Status

You can't participate(Event ended)

Links

Event page

Discord

Twitter