A bug bounty program with prizes of up to $500,000 was introduced by Layer3, a project that aims to create a decentralized attention layer.
In collaboration with HackenProof, this project aims to fortify the security of its omnichain infrastructure, which underpins vital operations such as distribution, identity, and incentives among over 500 ecosystems.
The maximum reward for serious vulnerabilities is $500,000, whereas the minimum reward for medium-severity flaws is $5,000.
While other bounties may be paid in stablecoins, critical severity issues are rewarded with a six-month linear vesting schedule in DEXE tokens.
The bounty program aims to find and fix vulnerabilities in Layer 3 smart contracts. It focuses on important problems that can result in unapproved activities, the permanent freeze of assets, or the theft or loss of staked monies.
As long as they follow the program guidelines, hackers can report any vulnerabilities—even ones that don’t fall into one of the designated categories. The staff of HackenProof will examine and rank every submission.Â
Layer3’s Definition of Vulnerabilities
What constitutes “in-scope” and “out-of-scope” vulnerabilities has been distinctly defined by Layer 3. Vulnerabilities that fall under this category include emergency withdrawals, circumventing access rules, and unauthorized fund transfers.
Gas optimizations and other non-essential elements that have no direct bearing on the operation of the smart contract are considered out-of-scope concerns.Â
Participants are required to abide by stringent guidelines, which include reporting a maximum of one vulnerability per report and offering a proof of concept for each severity level.
Only specific tasks that do not jeopardize personal data or interrupt services should be included in testing.
Additionally, the program forbids social engineering, DoS/DDoS attacks, and the use of automated tools for form spamming.
