How to Submit
Email your report to [[email protected]] with:
Detailed reproduction steps
Proof of concept
First valid report wins. Duplicates won't be rewarded.
Rewards
Paid in USDC based on severity:
Critical (up to $10,000: Loss of user funds
High (up to $2,000): Network downtime without incorrect state
Medium (up to $$1,000): API/performance degradation
Rules
Test only on testnet or local forks β never mainnet
No social engineering, phishing, or sustained DDoS
No public disclosure before fix + payout
No exploitation beyond bounty scope
KYC required for payment
Not Eligible
Vague reports without repro steps
Bugs requiring unrealistic user behavior or market conditions
Third-party dependency issues (unless directly exploitable)
Non-security bugs (minor perf, UI glitches)
Legal
We won't pursue legal action for good-faith research within these guidelines. All submissions become property of Temple Digital Group.