We value contributions from the community to strengthen the security of the core contracts. We want to reward any hackers in good faith who report vulnerabilities.
The scope of this bounty includes the Creative smart contracts. The determination of the bug severity will be made by the Creative team. We determine the severity of an issue according to the Smart Contract Security Alliance Severity Levels
Payouts will be as follows:
- High: $2,000 USDC
- Medium: $1,000 USDC
- Low: $500 USDC
The issue must:
- Be a previously unreported, non-public vulnerability.
- Include enough detail for us to identify and reproduce the problem.
- All reports should start with an email to firstname.lastname@example.org, and they will receive a response within 24 hours. Non-security issues are not eligible for this bounty.
Determinations of eligibility and all terms related to this award are at the sole and final discretion of the Creative Community DAO.