Disclosure SLA public

Midas's assessment for RD-F-176 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No public acknowledgment-time SLA found for Midas RWA. The LinkedIn bug bounty announcement states 'responsible disclosure is always incentivised' but does not publish a specific SLA (e.g., '72h ack'). The Sherlock and Cantina program pages do not specify a Midas RWA-specific response-time commitment. Note: the HackerOne/midas page (hackerone.com/midas) belongs to MIDAS Room Booking Software (security.midas.network) — an entirely separate product with a 24h response SLA — and must not be attributed to Midas RWA. Docs.midas.app returned 403 for automated fetch; no SLA found via alternative search paths.

Sources #

URL
Sherlock — Midas Bug BountySherlock bug bounty page — no Midas RWA-specific SLA statedretrieved 2026-05-16
URL
HackerOne — MIDAS (Room Booking Software, not Midas RWA)HackerOne/midas — belongs to MIDAS Room Booking Software (security.midas.network), not Midas RWA; SLA there not applicable hereretrieved 2026-05-16
URL
Midas Bug Bounty Programme — LinkedInLinkedIn bug bounty announcement — 'responsible disclosure always incentivised'; no SLA specifiedretrieved 2026-05-16

Methodology #

Determine whether the protocol publishes an acknowledgment-time SLA for disclosed vulnerabilities (e.g., 72h ack).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol midas factor RD-F-176 score red collected_at 2026-05-16 09:34:55