Layer3, a decentralized attention layer project, has introduced a new bug bounty program offering rewards of up to $500,000. This initiative, launched in partnership with HackenProof, aims to bolster the security of Layer3’s omnichain infrastructure, which plays a vital role in supporting distribution, identity, and incentive mechanisms across over 500 ecosystems.
Bounty Rewards and Severity Levels
The program offers bounties ranging from $5,000 for medium-severity issues to a maximum of $500,000 for critical vulnerabilities. Critical issues will be rewarded with a six-month linear vesting schedule in DEXE tokens, while other bounties may be paid in stablecoins.
The focus of the bounty program is on identifying and mitigating vulnerabilities within Layer3’s smart contracts. The most concerning issues are those that could lead to the theft or loss of staked funds, unauthorized transactions, or the permanent freezing of assets.
Participation and Submission Guidelines
Hackers are encouraged to submit reports on any vulnerabilities they discover, even if they fall outside the specified categories, provided they adhere to the program’s rules. HackenProof’s team will be responsible for reviewing and triaging each submission to determine its validity and severity.
Participants must follow strict guidelines, including submitting one vulnerability per report and providing a proof of concept for all severity levels. Testing is to be conducted only within a defined scope, avoiding any actions that could disrupt services or compromise personal data. Activities such as DoS/DDoS attacks, social engineering, and using automated tools to spam forms are strictly prohibited.
Defining Vulnerabilities
Layer3 has clearly outlined what constitutes “in-scope” and “out-of-scope” vulnerabilities. In-scope issues include unauthorized fund transfers, bypassing access controls, and emergency withdrawals. Out-of-scope issues involve gas optimizations and other non-critical aspects that do not directly affect the smart contract’s functionality.
This program provides an opportunity for security experts and white-hat hackers to contribute to the safety and reliability of Layer3’s infrastructure while earning significant rewards for their efforts.