Security and Audits
Last updated
Was this helpful?
Last updated
Was this helpful?
The security of the OpenLeverage protocol is our highest priority. Our development team, alongside third-party auditors and consultants, has invested considerable effort to create a protocol that we believe is safe and dependable.
A comprehensive test suite, including with Truffle, has been completed.
Major bugs discovered as part of the testing and auditing process were fixed. While we try our best to ensure the safety of the OpenLeverage protocol, we cannot guarantee all bugs have been discovered and resolved.
The bug bounty program is live.
In preparation for a mainnet launch, we have completed rigorous testing on all of our smart contracts. We have also open-sourced our code and engaged Code4Rena, PeckShield, and CertiK to perform audits throughout our codebase.
The bug bounty is now on and will continue until June 30, 2022.
Non-security-related issues, such as front-end bugs and gas optimization, are not eligible for the bug bounty;
Do not publicly share the vulnerability before it has been patched;
When duplicates occur, we will only award the first report received;
Paid auditors by OpenLeverage are not eligible for the bounty.
Rewards will be based on the severity of the bug found, and rewards will be payable in USDT.
Critical: Up to 20,000 USDT
High: Up to 10,000 USDT
Medium: Up to 2,500 USDT
Low: Up to 500 USDT
The bug bounty covers the smart contracts from the on the master branch of the , not including the example contracts and the contracts in the test folder.
Vulnerabilities that have been revealed from our existing are not eligible for the bug bounty;
opened on the repository are not eligible for the bug bounty;
Please submit your findings to .
We will categorize each finding with the level of severity, which is solely at the discretion of the OpenLeverage Protocol team. We will follow the and estimate a bug’s severity based on the potential impact and the likelihood of exploitation.
Join our channel for dev discussion and keep posted.