Kalmar is a decentralized bank powered by non-fungible token technology and advanced gamification models.
In Scope
Target | Type | Severity | Reward |
---|---|---|---|
Yield Farming |
Web | Critical | Bounty |
In Scope
We are looking for evidence and reasons for incorrect behavior of the smart contract, which could cause unintended functionality:
- Stealing or loss of funds
- Unauthorized transaction
- Transaction manipulation
- Attacks on logic (behavior of the code is different from the business description)
- Reentrancy
- Reordering
- Over and underflows
Out of Scope
- Theoretical vulnerabilities without any proof or demonstration
- Old compiler version
- The compiler version is not locked
- Vulnerabilities in imported contracts
- Code style guide violations
- Redundant code
- Gas optimizations
- Best practice
- Perform testing only within the scope
- Test only on private testnet, no testing for third party contracts
- Only vulnerabilities that can lead to real issues are covered by the bug bounty program
- In special cases, the size of the award can be increased if the researchers demonstrate how the vulnerability can be used to inflict maximum harm
- Any details of found vulnerabilities must not be communicated to anyone who is not a HackenProof Team or an authorized employee of this Company without appropriate permission
Critical: 5,000 - 15,000 USDT
High: 1,000 -5,000 USDT
Medium: 500 - 1,000 USDT
Low: 300 USDT
The budget of the Bug Bounty program is $100 000.