Cantina Bounties enables protocols to protect code in production by leveraging the best network of security researchers and the Cantina Code platform.
Access the best talent Web3 has to offer including direct access to thousands of researchers from industry-leading firms such as Spearbit.
Cantina Code was built around bettering the client experience. Simply put — less spam, higher signal findings, and less overhead for you and your team.
Through quality-gating mechanisms and LLM-based de-duplication, we reduce low-effort and spam submissions from overloading protocols.
Cantina Code provides researchers with a comprehensive code review interface to easily submit findings and the swiftest time-to-reward across the industry.
No more forms. No more Discord. No more Github. Handle all communication simply and swiftly with protocol teams — all in Cantina Code.
We believe in combining the best talent with the best reward structures to provide industry-leading bug bounties for industry-leading protocols.
Morpho Blue and MetaMorpho form part of the vision to rebuild decentralized lending in layers, with MetaMorpho enabling any lending experience to be rebuilt on a shared and immutable base layer: Morpho Blue.
Morpho Blue is a trustless lending primitive that offers unparalleled efficiency and flexibility. It enables the creation of isolated lending markets by specifying any loan asset, any collateral asset, a liquidation LTV (LLTV), an oracle, and an interest rate model.
Visit the docs for a complete project overview.
Name (address link) | Repo |
---|---|
Morpho Blue | github.com/morpho-org/morpho-blue |
Adaptive Curve Irm | github.com/morpho-org/morpho-blue-irm |
Morpho Chainlink Oracle V2 Factory | github.com/morpho-org/morpho-blue-oracles |
Name (address link) | Repo |
---|---|
MetaMorpho Factory | github.com/morpho-org/metamorpho |
Public Allocator | github.com/morpho-org/public-allocator |
Severity level | Impact: High | Impact: Medium |
---|---|---|
Likelihood:high | $555,555.00 | $100,000.00 |
Likelihood:medium | $100,000.00 | - |
Known issues from previous security reviews are considered out of scope.
Note that the metamorpho repository also gathers the findings on all periphery contracts from the Cantina competition.
address(0)
.All other issues acknowledged in the audits in this repo: https://github.com/morpho-dao/morpho-v1/ and https://github.com/morpho-dao/morpho-aave-v3
$555,555 USDC
Starts on 27 Mar 2024
Chronicle Protocol is a novel Oracle solution that has exclusively secured over $10B in assets for MakerDAO and its ecosystem since 2017. With a history of innovation, including the invention of the first Oracle on Ethereum, Chronicle Protocol continues to redefine Oracle networks. A blockchain-agnostic protocol, Chronicle overcomes the current limitations of transferring data on-chain by developing the first truly scalable, cost-efficient, decentralized, and verifiable Oracles, rewriting the rulebook on data transparency and accessibility.
Scribe's technical documentation at docs/
provides complete documentation of the technical decisions, external assumptions, internal invariants, as well as deployment and maintenance guides.
chronicleprotocol/scribe/tree/v2
In scope:
src/
Severity level | Impact: High | Impact: Medium |
---|---|---|
Likelihood:high | $50,000.00 | $30,000.00 |
Likelihood:medium | $30,000.00 | $10,000.00 |
Known issues (Acknowledged/won't fix) from previous security reviews are considered out of scope.
address(0)
.$50,000 USDC
Starts on 1 May 2024