Published in


Nexus Mutual Bounty Matching Partnership

Following a successful governance vote, Nexus Mutual, a decentralized insurance protocol, is offering a trial bug bounty matching program through Immunefi to help stop devastating hacks. The purpose of this program is to offer matching bug bounty payouts to eligible and approved projects on Nexus Mutual, in order to increase the total reward amount available for hackers who submit valid and critical bugs.

The logic is simple: the more that hackers can be incentivized with larger bug bounty rewards to responsibly disclose vulnerabilities on Nexus Mutual projects, the more likely they are to do so.

As part of this trial, the matching program has allocated 2500 NXM, approximately $200,000, to the payout pool, and is providing 1:1 matching at a maximum of $200,000 per valid critical bug report. This amount is enough to cover the maximum of a single payout.

If the trial program provides value to both parties, the program may be continued and expanded in scope. The way the program works is a straightforward, two-part process:

  1. Any successful critical bug report (per Immunefi criteria) on an approved project is subsequently reviewed by the Nexus core team
  2. If exploitation of the critical vulnerability would have resulted in a payout, the Nexus core team agrees to provide a 1:1 matching payout up to $200,000

The Nexus Mutual core team has determined the following bug bounty programs on Immunefi to be eligible and pre-approved for matching payouts:

  • Alpha Finance
  • BadgerDAO
  • Bancor
  • Compound
  • Hegic
  • Pool Together
  • Sushiswap
  • Synthetix
  • Vesper
  • Yearn

P.S. Hackers subscribed to our newsletter are 35.8% more likely to earn a bug bounty. Click here to sign up.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store