Reward

We offer a reward based on the severity of the vulnerability and affected fund. The severity is determined by our team based on the Immunefi Vulnerability Severity Classification System. The reward amount ranges from $50 to $50,000 USD.

Again, it's important to note that these reward amounts are just an example and can be adjusted based on UniBot's budget and preferences. Additionally, the severity level of a vulnerability may be adjusted based on its specific impact on UniBot's smart contracts. The goal is to incentivize security researchers to report vulnerabilities in a timely and responsible manner, ultimately improving the security of UniBot's smart contracts.

Scope

The scope of our bug bounty program includes all deployed smart contracts of UniBot v2, which can be found in the UniBot v2 Smart Contracts. The following are not within the scope:

• UniBot websites or web-based services
• Third-party contracts
• Issues that are already listed on the audit report

Disclosure

To report a vulnerability, please create a ticket in our Discord or Typeform . Please include a detailed description of the vulnerability, steps to reproduce, and any additional information that may be helpful in understanding the issue.

Eligibility

We have some rules for you to be eligible for a reward under this program:

• You must be the first person to report the vulnerability.
• You must not publicly disclose the vulnerability.
• You must not exploit the vulnerability in any way.
• You must provide sufficient information to enable our team to reproduce and fix the issue.

We reserve the right to make all decisions regarding rewards, including scope, eligibility criteria, reward amounts, and payment methods. We may also modify this program at any time.