Disclosure channel exists
Raydium's assessment for RD-F-175 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Active Immunefi bug bounty program live since 2023-04-25 with 74 assets in scope, max payout $505K. Direct email channel security@reactorlabs.io documented in SECURITY.md (raydium-amm and raydium-clmm repos). Dual-channel disclosure (Immunefi platform + direct email). Operationally proven: two max-payout whitehack bounties paid ($505K tick manipulation July 2024; $505K liquidity drain May 2025).
Sources #
- URLRaydium Bug Bounty Program — ImmunefiImmunefi Raydium bug bounty program — active since 2023-04-25retrieved 2026-04-29
- Raydium AMM Security Policy and AdvisoriesGitHub raydium-amm security page — SECURITY.md with security@reactorlabs.ioretrieved 2026-04-29
Methodology #
Determine whether the protocol publishes a public security disclosure channel (security@ email, Immunefi program, in-house disclosure page).
See the full factor methodology and distribution across all protocols →