Last Revision: December 4, 2021 Article Status: Published Note: This page may get updated if there are changes to previous information.
|Name||Contract Address||Github Repo|
https://etherscan.io/address/0x9F52c8ecbEe10e00D9faaAc5Ee9Ba0fF6550F511 (final official version)
https://etherscan.io/address/0xF05e0a149e4ab0253aA5e1575302E721d02369C0 (final official version)
We are determined to achieve maximum security for all that we do at Sipher. This means that we aim to be transparent in our actions.
In strong collaboration with VeriChains we are proud to share the following audit reports:
VeriChains Staking & Liquidity Mining Audit Report
Besides VeriChains we invite all of our community members and beyond to start digging in our contracts in a search for vulnerabilities through our bug bounty program. We find security one of the most important factors and therefore anyone that finds serious vulnerabilities will be rewarded graciously.
What does the bug bounty program cover?
Please be aware that this program is aimed at the smart contracts on-chain. Vulnerabilities found in the contracts on-chain are eligible for a bug bounty. Anything related to web front-end or whatsoever are not part of this program. However we do advise you to contact our team with these issues at our e-mail email@example.com — we’ll always reward accordingly.
The scope of the bounty program is limited to the liquidity mining contracts above.
How do you score the severity of found vulnerabilities?
To assess the severity of these vulnerabilities or bugs, we will be using the CVSS scoring system as shown in the image below;
What can I earn when I find a vulnerability?
We believe that any serious vulnerability should be rewarded accordingly.
Whenever a vulnerability is found that could result in the loss of user funds, we can reward up to $250,000. The exact breakdown of the payments can be found below;
- Informational — Rewards up to $500
- Low risk — Rewards up to $1,000
- Medium risk — Rewards up to $5,000
- High risk — Rewards up to $50,000
- Critical vulnerability — Rewards up to $250,000
Payouts will be made in USDC/T after we confirm the vulnerability and the person in question successfully cooperates with our team to solve the issues.
What if I find a vulnerability?
Whenever you find a vulnerability, please reach out to firstname.lastname@example.org with a clear breakdown of the vulnerability and a way for us to get in touch.