Connext

Connext is a Bridge protocol deployed on ethereum, arbitrum, optimism. Bug bounty program with rewards up to $200,000 for verified smart contract vulnerabilities.

ETHARBOPMATICBSCBridgePoC Required

Verified ProgramKYC Not RequiredPoC Required

Max Bounty$200,000

Min Bounty$500

PayoutUSDC

Findings0

Accepted0

Chains5

TVL$183.3M

Live SinceDec 2021

Submit a Finding for Connext →

5 Audit Reports Available

auditsExternal

Connext-Spearbit-Security-Review.pdfSpearbit

2021-07-connext-findingsCode4rena

2021-07

2022-06-connext-findingsCode4rena

2022-06

Connext NXTP — Noncustodial Xchain Transfer ProtocolConsensys Diligence

2021-07

01Severity & Rewards

02Program Rules

01Proof of Concept is required for all submissions. Reports without a working PoC demonstrating the vulnerability will not be considered.
02KYC is not required for this program. Pseudonymous submissions are accepted.
03Only previously unreported vulnerabilities are eligible. Duplicate submissions will be closed.
04Vulnerabilities must be reported through the WhiteClaws platform. Public disclosure before resolution disqualifies the submission.
05Testing must not disrupt live protocol operations. Use mainnet forks or testnets for Proof of Concept execution.

✓ IN SCOPE

●Cross-chain messaging contracts
●Bridge relay and verification logic
●Token lock/mint mechanisms
●Validator/relayer contracts
●Emergency pause and recovery functions

✕ OUT OF SCOPE

●Frontend applications
●Off-chain infrastructure

★Protocol Information

𝕏Twitter↗💬Discord↗✈Telegram↗

Resources

◆Website↗📄Docs↗⌥GitHub↗●Status↗🛡Bounty Policy↗

Audited By

Immunefi

1 Audit Report

Report #1 ↗

Submit Finding →← Browse All Programs

Bounty program indexed and verified by WhiteClawsProgram data sourced from on-chain analysis and public bounty disclosures.