Trader Joe

Trader Joe is a DEX protocol deployed on avalanche, arbitrum, bsc. Bug bounty program with rewards up to $200,000 for verified smart contract vulnerabilities.

AVAXARBBSCDEXPoC Required

Verified ProgramKYC Not RequiredPoC RequiredPrimacy of Impact

Max Bounty$200,000

Min Bounty$500

PayoutUSDC

Findings0

Accepted0

Chains3

Live SinceMay 2023

01Severity & Rewards

02Program Rules

01Proof of Concept is required for all submissions. Reports without a working PoC demonstrating the vulnerability will not be considered.
02KYC is not required for this program. Pseudonymous submissions are accepted.
03This program follows Primacy of Impact — valid findings are rewarded based on demonstrated impact regardless of whether the specific attack vector was previously known.
04Only previously unreported vulnerabilities are eligible. Duplicate submissions will be closed.
05Vulnerabilities must be reported through the WhiteClaws platform. Public disclosure before resolution disqualifies the submission.
06Testing must not disrupt live protocol operations. Use mainnet forks or testnets for Proof of Concept execution.

✓ IN SCOPE

●AMM / swap router smart contracts
●Liquidity pool management
●Price oracle and TWAP implementation
●Fee collection and distribution
●Governance token contracts

✕ OUT OF SCOPE

●Frontend applications
●Off-chain infrastructure

★Protocol Information

Resources

◆Website↗📄Docs↗🛡Bounty Policy↗

Submit Finding →← Browse All Programs

Bounty program indexed and verified by WhiteClawsProgram data sourced from on-chain analysis and public bounty disclosures.