ICON Foundation Partners With ImmuneFi For Bug Bounty Program

ICON Foundation has partnered with ImmuneFi to host a bug bounty program. Beginning October 21st, the program will cover vulnerabilities related to smart contracts, Goloop (the ICON main network node software) and the ICON tracker.

Bug bounties are critical components of a project's long term health, especially in the Web3 space, where software projects may have more exposure to economic risk than is typical. ImmuneFi is blockchain’s premiere bug bounty platform, trusted by top projects like Synthetix, Chainlink, SushiSwap, PancakeSwap, Bancor, Cream Finance, Compound, Alchemix, Nexus Mutual and others.

ImmuneFi’s bounty program is structured so that rewards are distributed according to the vulnerability of the threat. Further details about threat levels per bounty domain are available on the ImmuneFi Bug Bounty Portal.

| Threat Level | Bounty (USD) | |-------------- |-------------- | | Critical | 100,000 | | High | 25,000 | | Medium | 5,000 | | Low | 1,000 |

ICON's Commitment to Security

ICON is an open-source layer 1 delegated proof-of-stake (DPoS) blockchain and smart contract platform focused on connecting heterogenous blockchains and their communities. ImmuneFi's Bounty Program will help ICON bulletproof its core infrastructure, providing a double benefit for its role as a L1 chain and the keystone of the BTP network. 

In addition to the Bug Bounty Program, ICON Foundation takes preventative measures to protect the ecosystem by auditing our key products, including ICON Bridge and goloop. ICON Foundation is currently partnered with FYEO, one of the top Web3 cyber security groups, with experience in audits for major ecosystems such as Solana, Algorand, NEAR, Vega, Cardano, Ethereum, and EnergyWeb. As an audit partner, FYEO finds vulnerabilities before they become an issue, and maintains availability to smart contract development teams who would like to have their code analyzed and tested on Day 0. ICON Foundation provides assistance to these smart contract development teams through the Smart Contract Audit Fund.

ImmuneFi's Approach

ImmuneFi is a whitehat-first steward of the technical vulnerability process and the fair economic incentivization of it as such. They assist with getting whitehat hackers where they want to go, including providing support for hackers to get paid when they make meaningful contributions. On the other end, they provide fair services to organizations such as ICON Foundation to facilitate the bug bashing process, including by assisting with ensuring bug submission legitimacy and by promoting partnered organizations to their large and effective community.

Stay in the Loop

If you would like to learn more about ICON's development process, be sure to follow us on Twitter and join us on Discord!

If you'd like to learn more about ImmuneFi, visit their website.