โ All Bounties
Arbitrum
Leading Ethereum Layer 2 scaling solution using optimistic rollup technology
ARBETHLayer 2KYC RequiredPoC Required
Max Bounty$2,000,000
Min Bounty$1,000
PayoutUSDC
Findings0
Accepted0
Chains2
Live SinceAug 2021
01Severity & Rewards
02Program Rules
- 01Proof of Concept is required for all submissions. Reports without a working PoC demonstrating the vulnerability will not be considered.
- 02KYC verification is required before bounty payout. Researchers must complete identity verification to receive rewards.
- 03Only previously unreported vulnerabilities are eligible. Duplicate submissions will be closed.
- 04Vulnerabilities must be reported through the WhiteClaws platform. Public disclosure before resolution disqualifies the submission.
- 05Testing must not disrupt live protocol operations. Use mainnet forks or testnets for Proof of Concept execution.
- 06For Critical severity findings, the security team may arrange direct communication for expedited resolution.
โ IN SCOPE
- โRollup core contracts
- โBridge and inbox contracts
- โFraud proof system
- โSequencer inbox
CRITICAL FUNCTIONS
HIGH FUNCTIONS
โ OUT OF SCOPE
- โFrontend explorer
- โArbitrum Nova chain
- โThird-party dApps on Arbitrum
โ Protocol Information
Security Contacts