rDEX V2 is Deployed on the StaFiHub Testnet with The Bug Bounty Program
Overview
After several rounds of internal testing, rDEX V2 is now deployed on StaFiHub testnet to be open to our community to test. rDEX V1 officially went live on the substrate-based StaFi Chain three months ago after the completion of testnet Bug Bounty and PeckShield security audit. During the past three months, rDEX has proven to be safe to our community. Now we have upgraded rDEX V1 to V2 with new features and deployed the V2 on StaFiHub testnet.
With rDEX V2, StaFiHub users can trade the rTokens issued on StaFiHub against the base token, like rATOM against ATOM, and not the rATOM against FIS token on StaFi Chain. We think that this new feature will greatly improve the capital efficiency of liquidity providers and create a friendly arbitrage mechanism to help peg the rToken trading price with the real on-chain exchange rate. For now, rDEX V2 testnet supports 2 trading pairs: rATOM/ATOM and rIRIS/IRIS.
StaFi hereby announces with excitement that the rDEX V2 on StaFiHub testnet is live to the community from today: https://test-app.rdex.finance/stafihub. The StaFi team welcomes any users and developers participating in the testing of rDEX V2, and for that, we have prepared incentives as well as considerable bounty rewards for users and developers who find bugs and vulnerabilities.
For a detailed introduction to the rDEX solution, please check:
https://commonwealth.im/stafi/proposal/discussion/2776-rdex-v1-solutionan-amm-dex-for-rtokens
rDEX V2 Key Features
rDEX is very important for StaFi protocol’s staking derivative eco as the decentralized trading platform for all the rTokens. rDEX V2 has the following new features:
- Trading rTokens against base tokens: Compared with rDEX V1, rDEX V2 supports trading between rTokens issued on StaFiHub and the base token.
- Continuous Liquidity: rDEX is an automated market maker DEX to provide continuous liquidity for rTokens by utilizing Thorchain’s CLP market maker model.
- Lower Slippage: rDEX ensures low slippage for small and medium-sized transactions by using the fee model based on slippage.
- Asymmetrical Deposit: Unlike the majority of cryptocurrency liquidity pools, rDEX users can provide liquidity by depositing one token or two tokens asymmetrically.
Bug Bounty
Function Test
1.Testing Period: 5/7/2022 — 20/7/2022
2.Testing Guide: https://reurl.cc/6Z66Xb
3.Testing Task
- Add liquidity for rATOM/ATOM and rIRIS/IRIS pairs
- Remove Liquidity for rATOM/ATOM and rIRIS/IRIS pairs
- Swap rATOM to ATOM and rIRIS to IRIS
- Swap ATOM to rATOM and IRIS to rIRIS
- Stake rATOM/ATOM and rIRIS/IRIS LP tokens
- Unstake rATOM/ATOM and rIRIS/IRIS LP tokens
- Claim the rewards
4.Functional Bug Bounty
You can submit any functional bugs that have not been reported yet and suggestions related to rDEX (StaFiHub Chain) by completing the above testing tasks. Please explain the bugs and suggestions in detail and send an email to support@stafi.io with the corresponding screenshots before submitting.
The StaFi team will evaluate and confirm the functional bugs. If adopted, rewards from 10 USDT to 1000 USDT will be awarded to the reporter.
Code Vulnerability Testing
1.Test Content: https://github.com/stafihub/stafihub
2.Criteria
- Critical: Abnormal function, ineffective function, or security breach, etc.
- Moderate: Defects that do not affect the function, non-security issues, such as the room for optimization, performance improvement, etc.
- Low: Unimportant issues, some minor issues that can be modified during updates, such as modifying text or notes.
Outside the scope of the bounty program:
- Repeated reports on security issues, including security issues that have been confirmed by the StaFi team;
- Theoretical security issues without pragmatic application scenarios, or issues that require complex user-interactions.
3.Rules
- It must be a newly discovered bug(s) that has/have not been reported before
- The bug(s) found must be related to security issues in StaFi GitHub page code, but not other third-party code
- Have not written any codes of StaFi around the bug(s), and have not participated in any process that generated the bug(s) of StaFi in other ways
- Public disclosure will make you lose your bounty
- The StaFi team reserves the right to make the final decision on eligibility for the event and all rewards
4.Bounty Rules
The bounty will be issued in the form of FIS, and the amount will depend on the severity of the bugs found.
In addition to severity, the bounty amount will be determined (but not limited to) by other factors including:
- The accuracy and details of the bug description
- The quality of reproducibility, such as test code, scripts, and detailed instructions
5.Submission Method
When you find a bug(s), please send a report to: support@stafi.io
Please attach your name, email, company name (optional), description of the bug(s), your opinion on what is the potential impact of that bug on StaFi rDEX V2, and how you discovered that bug.
6. FAQ
1. What should I do if I submit a bug but do not get a reply?
Please provide some time to us to review the bugs you are reporting, and will reply to you as soon as possible. If you haven’t received a reply two weeks after submission, you can send an email to us at: support@stafi.io
2. In what form is the bounty issued?
The bounty is issued in the form of FIS on the StaFiHub mainnet. We will contact the winners for their StaFiHub mainnet address to send the rewards after the StaFiHub mainnet is live.
If you have more questions, please send an email to us: support@stafi.io
References
1.rDEX V2 Portal: https://test-app.rdex.finance/stafihub
2.rDEX V2 Testing Guide: https://reurl.cc/6Z66Xb
About StaFi
StaFi is the first DeFi protocol unlocking liquidity of staked assets. Users can stake PoS tokens through StaFi and receive rTokens in return, which are available for trading, while still earning staking rewards. rToken is a synthetic staking derivative issued by StaFi to users when users stake PoS tokens through StaFi rToken App . rTokens are anchored to the PoS tokens staked by users and the corresponding staking rewards. rTokens can be transferred and traded at any time.
