Bug bounty presence & max payout

ether.fi's assessment for RD-F-007 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Active Immunefi bug bounty program. Max payout: $300,000 for critical smart contract vulnerabilities. 60 assets in scope. PoC required; KYC mandatory for payouts. Program URL confirmed in data cache sources.bug_bounty.

Sources #

URL
ether.fi Immunefi bug bounty — $300K max, 60 assets in scopeimmunefi.com/bug-bounty/etherfi/retrieved 2026-04-28
Docs
Bug bounty confirmed in data cachedata cache sources.bug_bountyretrieved 2026-04-28

Methodology #

Check whether a public bug bounty program is active for this protocol and record the maximum payout in USD.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol ether-fi factor RD-F-007 score green collected_at 2026-04-28 13:58:46