Bug bounty presence & max payout

Polymarket's assessment for RD-F-007 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Active Cantina bug bounty ($5M max, critical = $5M, high = $500K) covers 18 contracts including all CTF Exchange V1/V2, NegRisk, pUSD, and UMA adapter contracts. Legacy Immunefi program ($1M max) also existed. $5M is well above the $500K green threshold.

Sources #

URL
Polymarket Cantina Bug BountyCantina bounty: $5M max payout, 18 contracts in scoperetrieved 2026-04-29

Methodology #

Check whether a public bug bounty program is active for this protocol and record the maximum payout in USD.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol polymarket factor RD-F-007 score green collected_at 2026-04-29 16:25:39