Immunefi

Immunefi is the premier bug bounty platform for smart contracts and DeFi projects, where security…

Immunefi Arbitration: A New Era for Onchain Dispute Resolution


At Immunefi, we’re in the business of creating revolutionary new security standards. Today, we’re proud to announce the launch of Immunefi Arbitration, the world’s first legally binding dispute resolution system for bug bounties.

Through Immunefi Arbitration, our bug bounty programs can now provide a fair, fast, cost-efficient, and globally enforceable path to resolve disputes over the most important vulnerabilities, making responsible disclosure and bug hunting safer for security researchers and projects alike.

Assurance of being a good-faith actor is the future of web3 security.

Why Is Arbitration Needed?

Bug bounties play a vital role in securing the onchain economy. However, disagreements about the validity, severity, or payment of a bug report can create serious friction between security researchers and projects. Immunefi mediation has been honed over years to resolve the overwhelming majority of bug bounty disputes, but it’s impossible to resolve all cases.

In the past, these disputes have dragged on without clear resolution, often harming both sides. Immunefi Arbitration changes this by offering a neutral, legally enforceable path forward when mediation isn’t enough.

To do this, we’ve partnered with the London Chamber of Arbitration and Mediation (LCAM), which provides globally enforceable rulings in 172 countries. This sets a new standard for transparency and accountability in the onchain security ecosystem.

Dozens of projects have already signed up for Immunefi Arbitration and received Arbitration badges, which are now visible on the Explore page of our website.

Arbitration Benefits

Arbitration offers important benefits to both projects and whitehats that haven’t been possible up until now.

Projects want the best eyes on their code. Having a whitehat spend time on a project’s code could be the difference between life and death for that project. That’s how serious vulnerabilities can be in web3. We all know what real critical impact looks like, and we’ve seen countless disastrous cases in the news of exploits that could have been prevented.

With Arbitration, projects now have the most credible way possible to get the best eyes on their code: the ironclad trust assurance of Arbitration signals to all whitehats that the project is best-in-class for security.

Projects that opt in to Arbitration will receive an Arbitration badge, and their program will be well-ranked on the Immunefi Explore page. They will be consistently promoted as projects with the highest degree of security standards in the industry. We’re confident in that assessment, as Arbitration is neutral, third-party, independent, and much cheaper and faster than traditional courts.

Arbitration is also the best way for whitehats to get a final determination on their report from a neutral and independent party in the rare case where mediation does not resolve the dispute. As mentioned, this ruling, whether in favor of the project or in favor of the whitehat, is legally binding. Whitehats are also able to request Arbitration pseudonymously in the event that they have concerns about disclosing their identity.

How Arbitration Works on Immunefi

If a dispute can’t be resolved through Immunefi’s mediation process, either party — the security researcher or the project — can turn to Arbitration. Arbitration is strictly opt-in for projects, but we encourage all projects to adopt it. If you’re interested in Arbitration as a project, contact your Immunefi account manager.

Here’s a quick overview of how it works:

1. Mediation First

The process starts with an attempt to resolve the issue through mediation. Immunefi offers a non-binding resolution to help the parties come to an agreement. Mediation is much quicker and less intensive than Arbitration, so we always recommend starting here.

2. Initiating Arbitration

If mediation fails, and the project is Arbitration-enabled, then either party can request Arbitration after Immunefi’s mediation recommendation. A top-tier arbitrator from the LCAM will be appointed to review the case. LCAM arbitrators have the option to appoint technical experts to assist with complex security cases, ensuring that the nuances of blockchain vulnerabilities are properly understood.

To begin Arbitration, the requesting party must pay Arbitration fees. The fees for both parties are neither too high nor too low. A traditional court case can cost hundreds of thousands of dollars and take years to resolve. To get Arbitration started, the floor price is £7,500 (for claims up to £1,000,000), because a neutral, legally enforceable third-party decision from a world-class arbitration institution does cost money. Another very important reason for this floor price is to ensure that Arbitration is not invoked frivolously and is only used when one party strongly believes in their case. And if a large bounty reward is potentially at stake, then the cost is very justifiable.

LCAM has provided a limited number of credits to cover Arbitration costs for security researchers and projects.

You can read more about the fees in the Help Center article for Arbitration.

3. Legally Binding Decisions

The arbitrator reviews the case and issues a decision that is enforceable in 172 countries through the New York Arbitration Convention. This ensures that no matter where you are, the Arbitration decision has real legal weight.

4. Fair Resolution

If the arbitrator rules in favor of the security researcher, the project is obligated to pay the award. If the project has enough collateral in its Immunefi vault, then payment is as simple as the project initiating a transfer from the vault to the security researcher. If not, additional collateral must be added, or else the security researcher can pursue other measures to enforce the ruling.

Immunefi Arbitration: Legal Rigor Meets Blockchain Security

Partnering with LCAM means that Immunefi Arbitration brings the rigor of traditional legal processes into the fast-moving world of blockchain security.

Arbitration typically takes weeks or months — a fraction of the time of traditional court proceedings — helping projects and security researchers alike move past disputes and focus on what matters: securing the ecosystem.

Immunefi Arbitration is available for all projects that opt in. Security researchers can submit reports to these projects with confidence, knowing there’s a clear, enforceable path to resolution if needed.

In a world where blockchain security is critical, Immunefi is proud to introduce this essential layer of protection.

Learn more about how Immunefi Arbitration works in our Help Center article on Arbitration.


Published in Immunefi

Immunefi is the premier bug bounty platform for smart contracts and DeFi projects, where security researchers review code, disclose vulnerabilities, get paid, and make crypto safer. Immunefi removes security risk through bug bounties and comprehensive security services.


Written by Immunefi

Immunefi is the premier bug bounty platform for smart contracts, where hackers review code, disclose vulnerabilities, get paid, and make crypto safer.
