Illuvium x Immunefi Bug Bounty

Published in
3 min readJun 24, 2022


As we are continuing to enhance our diverse security plan to further protect against malicious actors and exploits, we have teamed up with Immunefi to implement our new bug bounty program. That means we will now deliver rewards (max bounty up to $150,000) for finding bugs in our website, applications and smart contracts. While we already have skilled in-house team members that focus on our security, code review and development, our partnership with Immunefi will add an additional layer to our security.

Teaming Up With Immunefi for our Bug Bounty Programs

Illuvium is now paying rewards for white hats who find bugs in our smart contracts and/or vulnerabilities in our protocols. Rewards are distributed according to the impact of the vulnerability. Vulnerability classifications are based on the Immunefi Vulnerability Severity Classification System V2.1, however they are customised to better fit our assets in scope and our threat landscape. For details, please refer to “Impacts in Scope” section here.

The following impacts to smart contracts, website and apps are included in the Illuvium bug bounty scope:

  • Loss of funds (including yield, including freezing, theft)
  • Frozen/malfunctioning contract state
  • Unavailability of web and/or blockchain assets
  • Authentication and authorization issues that could result in loss of user funds
  • Reputational damage

As we continue to grow our ecosystem, we will continue to add more bounties to the list.

Security is one of our top priorities at Illuvium. We are confident that our partnership with Immunefi will be beneficial as we add yet another layer to our existing security practices. Our aim is to collaborate with the community and white hats to review our existing elements of our protocol and moving forward as we launch new products and features for our community of gamers and investors.

In summary, this partnership not only serves to enhance our security and strengthen our brand, but also to build confidence with people who are entering the web3 space.

For detailed information on Illuvium’s Bug Bounty Program with Immunefi, please visit:

About Immunefi

Immunefi is the premier bug bounty platform for smart contracts and DeFi projects, where security researchers review code, disclose vulnerabilities, get paid, and make crypto safer. Immunefi removes security risk through bug bounties and comprehensive security services.

Launched on December 9, 2020, Immunefi focused on blockchain and smart contract security. We provide bug bounty hosting, consultation, bug triaging, and program management services to blockchain and smart contract projects.

Bug bounty programs are open invitations to security researchers to discover and disclose potentially vulnerabilities in projects’ smart contracts and applications, thereby protecting projects and their users. For their good work, security researchers receive a reward based on the severity of the vulnerability, as determined by the project affected.

Why have a bug bounty program at all? In 2020 alone, hacks and scams cost the DeFi community over $238m, and bug bounties can prevent those hacks from happening. Bug bounty programs surface vulnerabilities so they can be fixed before they get exploited in malicious hacks that destroy projects and ruin reputations.

Twitter | Discord | Medium | YouTube | Telegram

About Illuvium

Illuvium is an open-world exploration, monster collector, and auto battler game built on the Ethereum Blockchain, releasing on PC and Mac in 2022. Play-to-earn in an AAA sci-fi adventure and conquer the wilderness to help your crash-landed Ranger flourish

Race across crystal labyrinths, toxic deserts, and windswept mountain summits. A quest to uncover the cause of the cataclysm that shattered Illuvium. Hunt and capture Illuvials, powerful creatures who rule the Land. Train and fuse your Illuvials into powerful evolutions. Build your ultimate Illuvial team to take into battles and tournaments in PvE and PvP Arenas. As you discover the capabilities of the Illuvials you collect, use your creativity to build unique synergies to outsmart your opponents. Hit a winning streak as you best other hunters to become the strongest Ranger on this planet.

Illuvium’s collectible NFT games feature interoperable assets across the Illuvium universe. The decentralized NFT collection offers players user-maintained custody never before possible in mainstream gaming.

Website: Illuvium

Twitter: @Illuviumio

Discord: Join the Illuvium Discord Server!

Medium: Illuvium

Telegram: Illuvium Official Chat

YouTube: Illuvium




News, protocol updates, reveals, and other dispatches from the Illuvium DAO. Illuvium is a decentralised game studio.