Across the Decentralized Finance universe Synthetix has placed itself as one of the largest protocols in the space. As such, it is essential for engineers, technicians and bounty hunters alike to receive incentives and bonuses to disclose errors, vulnerabilities, or anything else they may find needs to be fixed within the protocol.
External parties are reliably auditing all new additions to Synthetix smart contracts. However, any review of the history surrounding some of the other protocols in the DeFi space demonstrate these audits do not guarantee total security for a protocol. Thus there is definitely need in the system to make monetary incentives available to get many eyes looking at the underlying code.
To address this need, Synthetix recently announced its new bug bounty is live on Immunefi. Immunefi provides its users a bug bounty program for both full DeFi projects as well as individual smart contracts. Immunefi employs researchers in the security field to review the working code of a contract or protocol with the purpose of discovering and disclosing vulnerabilities therein, thereby making the contract or protocol safer. Monetary bounties are paid, based on degree of the threat, for each discovered and disclosed vulnerability.
As of the time of the writing of this article, the rewards for the Synthetix bug bounty (based on threat level) are as follows: Critical - $100,000 USD; High - $40,000 USD; Medium - $5,000 USD; and, Low $1,000 USD. The rewards are paid in the form of either SNX or sUSD the choice being reserved to the hunter. As the bug bounty program is hosted by Immunefi, hunters should report issues discovered there. Immunefi will filter the submitted issues and pass the valid finds on to Synthetix for further review.
If you are further interested in the prioritized vulnerabilities sought by the bounty, the out of scope vulnerabilities, or the additional rules for the bug bounty, Immunefi has a separate web page set up with these details. You may find this information at https://immunefi.com/bounty/synthetix/.
I am merely an ordinary small investor who likes to share what I've learned and found interesting. Please take a few minutes and check out my other published articles. I am not in any way a financial advisor and as such, do your own research before investing. If you enjoyed this article please like it, comment and/or tip. Feedback is always welcome here.