Phantom
Maximum reward: $100,000
| Severity | Max. Reward |
|---|---|
| Critical | $100,000 |
| High | $12,500 |
| Medium | $5,000 |
| Low | $500 |
No deposit required
Findings submitted: 5
Start date: 10 Nov 2025
Phantom is the money app for trading crypto, predictions, and more. We invite security researchers to test the systems behind Phantom and help keep our 20+ million users safe.
Focus Areas
The following types are of special interest to our security team:
- Vulnerabilities which have the potential for theft of user funds
- Vulnerabilities that could expose private keys, seed phrases, authentication tokens, sensitive user data, or privileged internal data
- Vulnerabilities that provide unauthorized access to Phantom build pipelines, deployment processes, cloud environments, or production systems
Prohibited Actions
- Respect production and user-impacting environments: Testing against production APIs and services is allowed where needed, but must be non-destructive, targeted, and limited to accounts or assets you control. Do not perform spam, load testing, persistence, data access, fund movement, or state-changing actions that could affect other users, production services, mainnet programs, or public testnets without prior authorization.
- No Public Disclosure Without Consent: Do not publicly disclose details of any vulnerability before it has been addressed and you have received written permission to disclose. Disclosure to the public, media, or other third parties before Phantom authorizes it will disqualify the report.
- No Exploitation or Data Exfiltration: Do not exploit a vulnerability beyond the minimum steps necessary to demonstrate the issue. Do not access private data, move funds, persist access, engage in social engineering, or disrupt service.
- No Conflict of Interest: Individuals currently or formerly employed by Phantom, or those who contributed to the development of the affected code, are ineligible to participate.
Disclosure Requirements
Reports should include:
- A clear description of the vulnerability and its impact.
- Steps to reproduce the issue, ideally with a proof of concept.
- Details on the conditions under which the issue occurs.
- Potential implications if the vulnerability were exploited.
- Evidence of careful manual validation. Reports based only on automated scanner output or theoretical attack paths without proof of exploitability are not eligible for reward.
Reports should be made as soon as possible, ideally within 24 hours of discovery. Please submit one vulnerability per report unless multiple findings are required to demonstrate a single exploit chain.
Eligibility
To be eligible for a reward, you must:
- Be the first to report a previously unknown, non-public vulnerability within the defined scope. Phantom is looking for novel vulnerabilities that were not already known from development, internal testing, prior reports, audits, or existing remediation work.
- Provide sufficient information to reproduce and fix the vulnerability.
- Include careful manual validation and a reproducible proof of exploitability.
- Not have exploited the vulnerability in any malicious manner.
- Not have disclosed the vulnerability to third parties before receiving permission.
- Comply with all Program rules and applicable laws.
If you are the first external researcher to report a vulnerability Phantom already knows about and is actively working to fix, you may still be eligible if your report includes materially new information Phantom did not previously know that increases the impact of the original submission.
You must also be of legal age in your jurisdiction and not be a resident in a country under sanctions or restrictions, as required by applicable laws.
Severity and Rewards
Vulnerabilities are classified using two factors: Impact and Likelihood. The combination of these factors determines the severity and guides the reward amount.
Risk Classification Matrix
| Severity Level | Impact: Critical | Impact: High | Impact: Medium | Impact: Low |
|---|---|---|---|---|
| Likelihood: High | Critical | High | Medium | Low |
| Likelihood: Medium | High | High | Medium | Low |
| Likelihood: Low | Medium | Medium | Low | Informational |
Impact Definitions:
- Critical: Vulnerabilities that can lead to severe loss of user funds, permanent system disruption, or widespread compromise.
- High: Vulnerabilities that cause notable financial loss or significantly harm user trust, but on a lesser scale than Critical.
- Medium: Vulnerabilities that lead to limited financial damage or moderate system impact.
- Low/Informational: Findings that pose minimal direct risk but reflect areas for improvement or best practices.
Impact Definitions by Asset Group
Client-Side Applications
| Severity | tl;dr | Examples |
|---|---|---|
| Critical | Vulnerabilities that can extract wallet secrets, produce unauthorized signing, or cause direct user funds loss through Phantom app behavior. | Remote extraction of a user’s seed phrase, private key, or signing capability. |
| High | Vulnerabilities that materially weaken wallet trust boundaries, sensitive action handling, or sensitive data handling and could plausibly lead to funds loss or major privacy impact. | Leakage of sensitive wallet/account data to third parties. Bypass of an enforced wallet safety control with demonstrated user-impacting risk. |
| Medium | Vulnerabilities that degrade wallet availability, expose sensitive data under constrained conditions, or meaningfully weaken user protection controls without directly granting signing capability or immediate funds access. | Persistent app or wallet DoS requiring reinstall/recovery. Local exposure of sensitive data requiring additional local/adjacent access. Bypass or degradation of a user-protection control under constrained conditions. |
| Low | Vulnerabilities with limited app security impact, usually involving temporary disruption, low-risk local behavior, or minor security/privacy presentation issues. | Security/privacy UI mislabeling. Temporary crashes or hangs recoverable by restarting. Low-impact label or display ambiguity in payment or request flows. |
| Informational | App hardening or best-practice findings without a realistic remote attack path or meaningful user impact. | Issues requiring physical access, a compromised device, local malware, or MITM without another Phantom vulnerability. Public address visibility after user connection. Weak best-practice findings without a bypass or concrete exploit path. |
Web Applications
| Severity | tl;dr | Examples |
|---|---|---|
| Critical | Vulnerabilities that can cause direct or large-scale user funds loss, full account/admin compromise, widespread sensitive data exposure, or production service compromise. | XSS or subdomain takeover on a core Phantom web property that can perform sensitive wallet/account actions. RCE or SQL injection affecting production services with access to sensitive user data. |
| High | Vulnerabilities that can cause notable user harm, sensitive data exposure, or unauthorized changes to high-trust web configuration, but with less reach or stronger prerequisites than Critical. | Unauthorized modification of high-trust user, financial, authentication, or application configuration. UI or interaction-integrity issues that can cause sensitive financial or account actions. |
| Medium | Vulnerabilities with limited sensitive data exposure, constrained auth bypass, non-core XSS/SSRF, or measurable disruption without direct funds loss. | Reflected or stored XSS on a lower-risk Phantom-controlled surface without wallet/session impact. Server-side request control issues without sensitive data access or code execution. Measurable DoS against a non-critical endpoint. |
| Low | Vulnerabilities with realistic but limited security impact, usually involving phishing risk, spoofing, metadata exposure, or low-risk UI/content integrity issues. | Open redirects or broken official links with credible phishing/impersonation impact. Security-relevant UI or content errors. Limited exposure of non-sensitive internal metadata. |
| Informational | Best-practice, metadata, or hardening findings with no demonstrated exploit path or user impact. | Missing headers, cookie flags, TLS/email best practices, version disclosure, public client configuration, analytics keys, public CMS/docs metadata, or scanner-only findings without demonstrated exploitability. |
Platform Infrastructure
| Severity | tl;dr | Examples |
|---|---|---|
| Critical | Vulnerabilities that can compromise Phantom production infrastructure, release pipelines, signing systems, secrets, or user data at scale. | Ability to inject malicious code into production build or release pipelines. Poisoning signed extension/mobile builds or production artifacts. RCE in production infrastructure with access to secrets, user data, or deploy credentials. Compromise of cloud/IAM/KMS credentials enabling production deploys, signing-service control, or sensitive data access. |
| High | Vulnerabilities that provide privileged access to internal systems, sensitive credentials, admin tooling, or security controls, with meaningful user or production impact. | Privileged CI/CD workflow execution. Exposed deploy, support, email, admin, or vendor credentials with user-impacting permissions. SSRF to cloud metadata or internal admin services with credential/data access. Unauthorized writes to security controls such as blocklists, allowlists, feature flags, or abuse systems. |
| Medium | Vulnerabilities that reach internal infrastructure or protected data in a limited way, or demonstrate constrained supply-chain, auth, or availability impact. | SSRF to internal systems without sensitive data access. Authenticated access-control bypass exposing limited internal/support data. Path traversal or object access with limited data exposure. Dependency-confusion or supply-chain execution in Phantom-controlled infrastructure without sensitive data or production impact. |
| Low | Vulnerabilities that affect low-sensitivity infrastructure state or metadata, with limited practical security impact. | Low-impact missing ownership checks, such as modifying notification preferences. Limited non-sensitive configuration changes. Public infrastructure metadata without access. Low-prerequisite telemetry pollution. |
| Informational | Infrastructure hardening, exposure, or configuration findings without demonstrated access, exploitability, or sensitive impact. | Public DNS/internal-looking hostnames, public buckets containing public assets, missing hardening best practices, version banners, non-exploitable dependency findings, or cloud/security configuration recommendations without demonstrated impact. |
Onchain Assets
| Severity | tl;dr | Examples |
|---|---|---|
| Critical | Vulnerabilities that can directly steal, permanently lock, or cause large-scale loss of user, protocol, escrow, solver, or fee-payer funds. | Direct theft, permanent lock, or unauthorized movement of user funds from Phantom-controlled programs/contracts. Bypass of authorization or signature checks to move funds or change program authority. |
| High | Vulnerabilities that can cause significant financial loss, unsafe approvals, incorrect execution, or major trust failure in Phantom-controlled onchain flows. | Cross-chain/account authority confusion causing funds to be sent to an attacker-controlled address. |
| Medium | Vulnerabilities that cause bounded financial loss, limited execution errors, fee abuse, or denial of service without large-scale fund loss. | Bounded financial loss, fee bypass, unprofitable fills, overcharging, or dust-scale drains with clear limits. Missing validation of secondary transaction instructions under constrained conditions. DoS or griefing of a Phantom-controlled program or service without fund loss. |
| Low | Vulnerabilities with limited onchain security impact, usually involving metadata, warning accuracy, small accounting errors, or low-risk misleading display. | Small rounding/accounting errors. Low-impact display issues that could mislead users but do not directly move funds. |
| Informational | Onchain observations or best-practice findings without demonstrated impact against Phantom-controlled code. | Public onchain data visibility, public RPC/mempool behavior, malicious third-party tokens/pools, MEV/sandwiching, or theoretical economic concerns without a working exploit against Phantom-controlled code. |
Likelihood Definitions:
- High: Very easy to exploit or highly incentivized.
- Medium: Exploitation is possible under certain conditions.
- Low: Difficult to exploit or requires highly specific conditions.
In addition to the above definitions, Phantom may use the Cantina Bug Bounty Severity Classification Framework to determine severity.
Payout Guidelines
Note: Actual reward amounts are determined at Phantom’s sole discretion. Factors influencing payout include quality of report, completeness, and the severity and exploitability of the vulnerability.
Other Terms
By submitting a report, you grant Phantom the rights necessary to investigate, mitigate, and disclose the vulnerability. Reward decisions and eligibility are at the sole discretion of Phantom. The terms, conditions, and scope of this Program may be revised at any time. All participants are responsible for reviewing the latest version before submitting a report.