Bug Bounty Program
We invite whitehat hackers to inspect our code and report vulnerabilities.
Rewards
Rewards are paid in USDC based on the severity of the vulnerability (OWASP standard).
| Severity | Reward Range |
|---|---|
| Critical | Up to $100,000 |
| High | $10,000 - $50,000 |
| Medium | $1,000 - $5,000 |
| Low | $100 - $500 |
Scope
- Smart Contracts:
MarketFactory.sol,Router.sol,OptimisticOracle.sol - Frontend:
app.foresure.market(XSS, CSRF only if it leads to fund loss)
Disclosure Process
- Do not exploit the vulnerability publicly.
- Send a detailed report to
security@foresure.market. - Include a Proof of Concept (PoC).
- Wait for our team to verify and fix the issue.
Safe Harbor
We will not pursue legal action against researchers who follow these guidelines and act in good faith.