Unistake is a decentralized token protocol built to empower DeFi projects and incentivize liquidity providers.
In Scope
Target | Type | Severity | Reward |
---|---|---|---|
Solidity | Critical | Bounty | |
Solidity | Critical | Bounty | |
Solidity | Critical | Bounty |
In Scope
We are looking for evidence and reasons for incorrect behavior of the smart contract, which could cause unintended functionality:
- Stealing or loss of funds
- Unauthorized transaction
- Transaction manipulation
- Attacks on logic (behavior of the code is different from the business description)
- Reentrancy
- Reordering
- Over and underflows
Out of Scope
- Theoretical vulnerabilities without any proof or demonstration
- Old compiler version
- The compiler version is not locked
- Vulnerabilities in imported contracts
- Code style guide violations
- Redundant code
- Gas optimizations
- Best practice
- Perform testing only within the scope
- Test only on private testnet, no testing for third party contracts
- Only vulnerabilities that can lead to real issues are covered by the bug bounty program
- In special cases, the size of the award can be increased if the researchers demonstrate how the vulnerability can be used to inflict maximum harm
- Any details of found vulnerabilities must not be communicated to anyone who is not a HackenProof Team or an authorized employee of this Company without appropriate permission
- Critical 3,500 - 5,000 USDT
- High 1200 - 1500 USDT
- Medium 200 - 300 USDT
- Low 100 USDT