|Name||Contract Address||Github Repo|
https://etherscan.io/address/0x9F52c8ecbEe10e00D9faaAc5Ee9Ba0fF6550F511 (final official version)
https://etherscan.io/address/0xF05e0a149e4ab0253aA5e1575302E721d02369C0 (final official version)
We are determined to achieve maximum security for all that we do at Sipher. This means that we aim to be transparent in our actions.
In strong collaboration with VeriChains we are proud to share the following audit reports:
VeriChains Token Generation Audit Report & IBCO Audit Report (updated with the 2nd audit report)
VeriChains Staking & Liquidity Mining Audit Report
Besides VeriChains we invite all of our community members and beyond to start digging in our contracts in search of vulnerabilities through our bug bounty program. We find security one of the most important factors and therefore anyone that finds serious vulnerabilities will be rewarded graciously.
What does the bug bounty program cover?
Please be aware that this program is aimed at smart contracts on-chain. Vulnerabilities found in the contracts on-chain are eligible for a bug bounty. Anything related to the web front-end or whatsoever is not part of this program. However we do advise you to contact our team with these issues at our e-mail firstname.lastname@example.org — we’ll always reward you accordingly.
The scope of the bounty program is limited to the liquidity mining contracts above.
How do you score the severity of found vulnerabilities?
To assess the severity of these vulnerabilities or bugs, we will be using the CVSS scoring system as shown in the image below;
What can I earn when I find a vulnerability?
We believe that any serious vulnerability should be rewarded accordingly.
Whenever a vulnerability is found that could result in the loss of user funds, we can reward up to $250,000. The exact breakdown of the payments can be found below;
- Informational — Rewards up to $500
- Low risk — Rewards up to $1,000
- Medium risk — Rewards up to $5,000
- High risk — Rewards up to $50,000
- Critical vulnerability — Rewards up to $250,000
Payouts will be made in USDC/T after we confirm the vulnerability and the person in question successfully cooperates with our team to solve the issues.
What if I find a vulnerability?
Whenever you find a vulnerability, please reach out to email@example.com with a clear breakdown of the vulnerability and a way for us to get in touch.