For the goal of preventing the loss of user funds, the bug bounty program is centered on its smart contracts and Dapp.
We’re introducing an official Smartlink Bug Bounty today to encourage bug reporting.
The Smartlink Bug Bounty System is used to give rewards according to the severity of the vulnerability. This is a simple 4-level scale with distinct scales for websites/apps and smart contracts/blockchains that covers everything from exploitation consequences to privilege requirements to the chance of a successful exploit.
Payments are made directly by the Smartlink team and are made in USDC (50%) and SMAK (50%) with a lockup period of 8 months on the latter.
up to $ 1,000 USD
up to $ 5,000 USD
up to $ 10,000 USD
up to $ 100,000 USD
Assets in scope
Smart contracts & Web app
Smart contract & Web app
Smart contract & Web app & Randomness
- Logic errors
- Dependency vulnerabilities
- Congestion and scalability
- Cryptography problems
- Signature malleability
- Susceptibility to replay attacks
- Weak randomness
- Weak encryption
- Susceptibility to block timestamp manipulation
- Missing access controls / unprotected internal or debugging interfaces
For web vulnerabilities, Smartlink is strictly interested in those that cause direct and unequivocal loss or permanent locking of user funds
An example would be a vulnerability that lets an attacker spoof transactions on Smartlink web applications, leading to theft of funds