Bug bounty presence & max payout

Liquid Collective (LsETH)'s assessment for RD-F-007 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No formal bug bounty program active at $767M TVS. Vulnerability disclosure policy explicitly states 'We are currently designing our bug bounty program.' No Immunefi, Cantina contest, or Sherlock program found. Only a security@liquidcollective.io email channel exists with a promise of retroactive rewards once a program is designed.

Sources #

GitHub
Liquid Collective Vulnerability Disclosure PolicyVulnerability disclosure policy — 'currently designing our bug bounty program'retrieved 2026-05-17
URL
Protocol Security Audits — Liquid CollectiveSecurity audits page — no Immunefi or bug bounty program linkedretrieved 2026-05-17

Methodology #

Check whether a public bug bounty program is active for this protocol and record the maximum payout in USD.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol liquid-collective factor RD-F-007 score red collected_at 2026-05-16 19:46:23