Cygnus
  • 👋Welcome To Cygnus
  • Cygnus Network
    • What is Cygnus?
    • Why Do We Need Cygnus?
    • How Does Cygnus Work?
    • Cygnus Social App SDK
      • Cygnus Instagram App Layer
      • Telegram Mini App for Cygnus
      • Whatsapp Mini App for Cygnus
    • Bug Bounty
    • Grant Program
    • Cygnus Token
    • Research
      • Optimism
      • Optimistic Rollups
      • OP Super Chain
      • OP Stack
  • Cygnus Omnichain Liquidity Validation System (LVS)
    • Introduction
    • Collateral Mechanism & Asset Management
    • Vault Delegation & Restaking Framework
    • Network Coordination & Security Layer
    • Operator Registration & Incentive System
    • Resolver Governance & Dispute Resolution
    • Cygnus LVS Integration
      • cgETH
        • What is cgETH?
        • Core Features and Mechanics of cgETH
        • Security, Transparency, and Risk Management
      • clBTC
        • What is clBTC?
        • How clBTC Works?
        • Integration with CeFi and DeFi in Cygnus Network
        • Security, Transparency, and Risk Management
      • cgUSD v1
        • What is cgUSD v1
        • Why Cygnus Finance
        • Risk Warning
        • Protocol Mechanics
          • Mint
          • Wrap
          • Bridge
          • Redemption
        • Token and Contract
          • cgUSD
            • Comparison to Stablecoins
            • How it Works
            • On-Chain Price Oracle
          • wcgUSD
            • Comparison to cgUSD
            • How it Works
          • Smart Contract Audits
        • FAQ
          • Mint
          • Wrap
          • Withdrawals
      • cgTON
    • Cygnus Pool SDK
  • legal
    • Privacy Policy
    • Interface Terms of Use
Powered by GitBook
On this page
  • Overview
  • Rewards
  • Cygnus Community Contribution Airdrop
  1. Cygnus Network

Bug Bounty

PreviousWhatsapp Mini App for CygnusNextGrant Program

Last updated 1 month ago

Earn up to $2,000,000 USD by finding protocol, client and bugs affecting Cygus.

Overview

The Cygnus Bug Bounty Program is your opportunity to contribute to the security and resilience of one of the most innovative ecosystems in Web 3.0. By identifying and responsibly disclosing vulnerabilities, you can earn rewards of up to $2,000,000 USD while playing a pivotal role in safeguarding user trust and ecosystem integrity.Our program emphasizes the proactive prevention of critical security issues, such as:

  • Loss of User Funds: Protect the assets of Cygnus users from potential exploits or vulnerabilities.

  • Denial of Service (DoS): Mitigate risks that could disrupt protocol functionality or accessibility.

  • Governance Hijacks: Prevent unauthorized control or manipulation of governance mechanisms.

  • Data Breaches and Leaks: Secure sensitive information and prevent unauthorized data access or exposure.

Cygnus recognizes the vital contributions of ethical hackers and security researchers in maintaining the robustness of our protocol. This program isn’t just about discovering bugs—it’s about fostering collaboration with the brightest minds in cybersecurity to build a safer, more resilient ecosystem for everyone.Whether you’re an independent security expert, part of a professional team, or a passionate contributor, we welcome your expertise and encourage you to participate in making Cygnus stronger. Together, we can ensure a secure, transparent, and innovative future for Web 3.0.

Rewards

Rewards by Threat Level

Rewards are distributed according to the impact of the vulnerability based on the . This is a simplified 5-level scale, with separate scales for websites/apps and smart contracts/blockchains, encompassing everything from consequence of exploitation to privilege required to likelihood of a successful exploit.All web and app bugs must come with a PoC in order to be accepted. All web and app bug reports without a PoC will be rejected with a request for a PoC.Smart Contracts Rewards Breakdowns

  • Smart Contracts Critical:

    • Loss of user funds:

      • 1% of assets at risk, minimum 100,000 USD, maximum 2,000,000 USD

    • Loss of non-user funds (e.g. treasury):

      • 1% of assets at risk, minimum 50,000 USD , maximum 1,000,000 USD

  • Smart Contracts High:

    • 1% of assets at risk when attack persists for 1 month

      • minimum 20,000 USD, maximum of 400,000 USD

  • Smart Contracts Medium:

    • 1% of assets at risk when attack persists for 1 month

      • minimum 5,000 USD, maximum 100,000 USD

  • Smart Contracts Low:

    • 2,000 USD

Web/App Rewards Breakdowns

  • Web/App Critical:

    • 40,000 USD

  • Web/App High:

    • 7,500 USD

    • If attack can modify the transaction users approve so it sends funds to the wrong address: then this reward increases to a total of 40,000 USD

  • Web/App Medium:

    • 3,250 USD

  • Web/App Low:

    • 500 USD

Payouts are handled by the Cygnus team directly and are denominated in USD. Payouts can be done in ETH, USDT,USDC, or Cygnus, at the decision of the bug bounty hunter.

Cygnus Community Contribution Airdrop

This form is designed to collect information from community contributors, especially those helping identify bugs and improve the protocol. Submissions will be used for the fair distribution of our airdrop. Cygnus is committed to decentralization and community-led growth — your effort in making Cygnus safer directly boosts your rewards!

Click to submit your contribution and join the airdrop!

Immunefi Vulnerability Severity Classification System V2.2
here