Certik Bug Bounty

Voting ended about 2 years agoSucceeded

Proposal for Certik to coordinate a bug bounty on all MetFi smart contracts.

Background

Our smart contracts have been audited by Certik 3 times and passed with flying colors each time.

You can read all about the Certik bug bounty program here:

TLDR: Certik has a community of trusted ethical hackers that will receive a reward (bounty) for finding bugs or exploits in any of our smart contracts. If none are found the ethical hackers are not paid so they have a serious incentive to find them.

Motivation

Bug bounties are best practices for companies in fields such as banking, insurance, and technology, in fact, most large organizations, if not all conduct bug bounty programs from time to time as do many DAOs and other Web3 protocols.

This program has the potential to make our smart contracts and ecosystem more secure than it already is (if any bugs are found).

Our Certik security score would improve and we will have a bug bounty section added to our Certik page similar to Shentu, click this link and then click the Bug Bounty tab to get an idea of how this section would look on our Certik page.

Costs

Certik Fee – 5,000 USDT

We propose these four (4) bug bounty rewards with the severity level of each bug determining the reward.

Critical Severity – up to 50,000 USDT
Major Severity – up to 3,000 USDT
Medium Severity – up to 500 USDT
Minor Severity – up to 200 USDT

N.B: 50,000 may seem like a lot of money to pay however the ethical hacker would need to find a critical bug to receive that reward and a critical bug could cost the DAO a lot more than 50,000 USDT if it was discovered by a bad actor so we think it wise to run the program, identify potential exploits and improve our Certik score.

Proposal

Pay Certik 5,000 USDT to push the MetFi Bug Bounty program to their community of ethical hackers and approve the bounty fee structure in the rewards table above.

If no bugs are found the only cost is the 5,000 USDT Certik fee.

Voting Options

You have 2 options:

FOR - approve Certik Bug Bounty and Rewards Program
AGAINST - deny Certik Bug Bounty and Rewards Program

The developers strongly recommend FOR, option 1.

Vote Discussion

Join the discussion on this proposal in the MetFi DAO Discord and head over to the #vote-discussion channel.

Vote

Please vote FOR to approve this proposal or AGAINST to reject it.

Off-Chain Vote

FOR705.27K METFI100%

AGAINST38.97 METFI0%

ABSTAIN0.16 METFI0%

Download mobile app to vote

Loading…

AuthorMetFi
IPFS#bafkreid
Voting Systemquadratic
Start DateApr 17, 2023
End DateApr 20, 2023
Total Votes Cast705.31K METFI
Total Voters291

Timeline

Apr 17, 2023Proposal created
Apr 17, 2023Proposal vote started
Apr 20, 2023Proposal vote ended
May 02, 2025Proposal updated