Bug Bounty Program
At VDEX, security is a top priority. We are committed to providing a safe and trustless trading environment, and we recognize the vital role that security researchers play in helping us maintain the integrity of our platform.
To encourage responsible disclosure of vulnerabilities, we are offering a Bug Bounty Program with significant rewards for findings that could impact the platform’s security and functionality.
Bounty Tiers & Rewards
Critical
$10,000 + 100,000 Tokens
Any vulnerability that can be exploited to steal large amounts of funds from the exchange, bypass security measures, or completely compromise user funds or system integrity.
Medium
$5,000 + 50,000 Tokens
Issues that could lead to loss of funds under specific conditions, smart contract failures, or the ability to manipulate core trading mechanisms in a way that negatively impacts users.
Low
$1,000 + 10,000 Tokens
Minor vulnerabilities such as UI bugs, edge-case smart contract inefficiencies, or potential exploits that require significant effort to execute and have limited impact.
Note: Rewards will be assessed based on severity, reproducibility, and overall risk. The final decision on severity classification and payout amounts is at the discretion of the VDEX security team.
We have compiled a list of all the bug bounties we have awarded to date in the table below.
Someone could use our domain name to send emails impersonating our team.
$500
0x50C...10ad9
People could place multiple orders at high frequency to manipulate the MARK PRICE and exploit the Virtual Market Maker. Thus generating abnormal profit.
$1,000
To reiterate, all the bugs listed above have been resolved by the team.
Get Started
If you believe you’ve found a vulnerability, contact us on Discord
Last updated