Aspida is launching a new program to enhance the safety of our ecosystem. Our Bug Bounty Program is set to kick off on February 22, 2024. Keep reading to discover how you can submit a bug detected found in our smart contracts.
Summary
- The Aspida Bug Bounty Program is set to kick off on February 22, 2024.
- You can report bugs and earn rewards via the Immunefi platform at: Aspida Bug Bounties | Immunefi.
- The rewards will vary depending on the severity of the detected bug.
Background
In the ever-evolving landscape of cybersecurity, projects face continuous challenges in safeguarding their systems and data from malicious actors. To proactively address these threats, Aspida has embraced bug bounty programs as a strategic approach to pinpoint and address vulnerabilities before they are exploited.
Aspida chose to collaborate the Bug Bounty Program with Immunefi. Founder and CEO Mitchell Amador launched Immunefi on December 9, 2020, as a bug bounty platform focused on web3 and smart contract security with the goal of making web3 safe for everyone. Immunefi provides bug bounty hosting, consultation, and program management services to blockchain and smart contract projects.
This program serves as open invitations to our community and other security researchers to identify and responsibly report vulnerabilities in projects’ smart contracts and applications. This collaborative effort aids in establishing a safer protocol environment. Participants will be rewarded based on the severity of the vulnerability as a token of appreciation for their valuable contributions to security.
Steps to Submit a Bug
If you have discovered a bug, please
- Report the bug on the Immunefi platform at Aspida Bug Bounties | Immunefi.
- Upon submission, our team will promptly investigate and attempt to replicate it.
- If the bug is confirmed to be previously unknown, you will be eligible for rewards.
The amount of the reward will be determined by the severity level of the bug, in accordance with the Immunefi Vulnerability Severity Classification System.
Thank you for helping us improve our platform’s security.
Eligibility Criteria for Bug Bounty Rewards
- Upon submitting a bug report, it will be time-stamped on the blockchain, and only the initial valid submission will be rewarded.
- Bug reports covering previously-discovered bugs (audits, or specified in the Immunefi bounty page) are not eligible for the program.
- In the event of multiple submissions for the same bug, only the first reporter will be able to claim the rewards.
- Bugs already outlined on the bounty page are also excluded from reward eligibility.
- All bug reports must be accompanied by a Proof of Concept (PoC) demonstrating an impact on an asset within the designated scope in order to be considered for a reward.
- For a comprehensive understanding of the rules, please refer to the detailed guidelines on the Immunefi page: The Sandbox Bug Bounties | Immunefi
Bug Bounty Reward System
The rewards are offered depending on the severity of the bug reported. There are four levels of bugs that can be reported: low, medium, high and critical.
Reward Table
About Aspida
Aspida is a decentralized liquid staking protocol that allows individuals to stake their assets and receive derivative tokens representing their staked holdings. These derivative tokens can then be used as collateral to borrow other digital assets, providing users with liquidity while maintaining their staked positions.
Aspida achieves decentralization by utilizing smart contracts that execute on the blockchain, removing the need for intermediaries and central authorities. By leveraging the power of smart contracts, Aspida ensures a tAbout Aspida
Aspida is an efficient liquid staking protocol that offers a decentralized, secure, and highly compatible staking service. By leveraging the power of liquid staking, Aspida allows users across different layers and networks to earn profitable rewards while maintaining the flexibility to participate in multiple staking opportunities.
Try Aspida: https://aspidanet.com/
Join Aspida Community: Discord丨Telegram丨X丨Blog丨Medium丨Documentation