Disclosure SLA public

Synapse Protocol's assessment for RD-F-176 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Immunefi $1M max critical bounty cap is inadequate for a protocol with $728M peak TVL and $21M current TVL. Nov 2021 incident put $8.2M at risk — bounty cap covers less than a meaningful fraction. No confirmed payout demonstrates program effectiveness.

Sources #

URL
https://immunefi.com/bug-bounty/synapse/retrieved 2026-04-26

Methodology #

Determine whether the protocol publishes an acknowledgment-time SLA for disclosed vulnerabilities (e.g., 72h ack).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol synapse factor RD-F-176 score red collected_at 2026-04-26 21:35:35