MCDEX Bug Bounty Program

Our smart contracts are audited by OpenZeppelin and ConsenSys. We take the security of our platform and the protocols very seriously. To further bolster the security of our smart contracts, we invite bug bounty hunters, traders, and other stakeholders of the ecosystem to find bugs in our platform.

We hereby launch our bug bounty program — the details of which are as follows:

Scope

The bug bounty program applies to MCDEX smart contracts (Mai Protocol and Mai Protocol v2), and other important services on our system — including the frontend and the backend.

Rules

  • If you have a fix, directly create a pull request for the Mai and Mai v2 repositories.
  • Only those issues will be considered outside of those already identified by the previous audit reports (OpenZeppelin and ConsenSys )
  • Regarding duplicate submissions, the first one to submit the report will be considered.
  • Before discussing the bug publicly, please inform us and allow us a reasonable timeframe to fix it.

Submission

Please send your submission to bug@mcdex.io

Compensation

The compensation depends on the criticality of the found bug. To determine the severity of the bug, the OWASP risk assessment framework will be used.

Image for post
Image for post

While calculating the bug bounty reward, we also consider the quality of the submission. It includes a clear description, a test case, and a provided fix. We generally follow the below payout structure. Please note that payouts are determined at the sole discretion of MCDEX.

Note: Up to $500 USD

Low: Up to $2,000 USD

Medium: Up to $5,000 USD

High: Up to $20,000 USD

Critical: Up to $50,000 USD

All bounties are payable in MCB/ETH and other cryptocurrencies.

Thank you!

MCDEX on Telegram

MCDEX on Discord

MCDEX on Twitter

Written by

Building MCDEX V3 (Decentralized Perpetual) | Trade #PerpetualContracts - $ETH $LINK $SNX $COMP $LEND

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store