โ† All Bounties
GMX logo

GMX

Decentralized perpetual exchange with low swap fees and zero price impact trades

ARBBaseDeFi TradingPoC RequiredTriaged
Verified ProgramKYC Not RequiredPoC RequiredTriaged
Max Bounty$5,000,000
Min Bounty$1,000
PayoutUSDC
Findings0
Accepted0
Chains2
Live SinceOct 2021

01Severity & Rewards

02Program Rules

  1. 01Proof of Concept is required for all submissions. Reports without a working PoC demonstrating the vulnerability will not be considered.
  2. 02KYC is not required for this program. Pseudonymous submissions are accepted.
  3. 03Submissions are triaged by the security team. Expect initial response within 48 hours of submission.
  4. 04Only previously unreported vulnerabilities are eligible. Duplicate submissions will be closed.
  5. 05Vulnerabilities must be reported through the WhiteClaws platform. Public disclosure before resolution disqualifies the submission.
  6. 06Testing must not disrupt live protocol operations. Use mainnet forks or testnets for Proof of Concept execution.
  7. 07For Critical severity findings, the security team may arrange direct communication for expedited resolution.

โœ“ IN SCOPE

  • โ—GMX V2 Synthetics contracts
  • โ—Market and position management
  • โ—Oracle and pricing logic
  • โ—Deposit and withdrawal handlers
CRITICAL FUNCTIONS
executeDeposit()executeWithdrawal()executeOrder()
HIGH FUNCTIONS
liquidatePosition()setPrices()createOrder()

โœ• OUT OF SCOPE

  • โ—Frontend interface
  • โ—Off-chain keeper bots
  • โ—GMX V1 legacy contracts

โ˜…Protocol Information

Bounty program indexed and verified by WhiteClawsProgram data sourced from on-chain analysis and public bounty disclosures.