Threshold Network, and its applications (PRE and tBTCv2), have been audited by multiple third party firms. The audits are published on (Threshold · About) and we understand that a second audit of tBTCv2, with Trail of Bits, will be published soon.
However, given the recent launch of tBTCv2’s Chaosnet 0 and the upcoming launch of minting in January, it is our responsibility to take further steps to improve the networks’ security posture. We propose establishing a public bug bounty on Immunefi (Immunefi Bug Bounties | Immunefi), a popular web3 bug bounty platform.
A credible bug bounty program will attract additional security reviews from the white hat community and incentive responsible disclosure of security vulnerabilities, which is especially topical given the severity of recent bridge-related security vulnerabilities.
We propose an initial schedule below, and request community and developer feedback on the amounts prior to moving this to snapshot:
- Critical: Up to $500,000 in T tokens
- High: Up to $50,000 in T tokens
- Medium: Up to $5,000 in T tokens
- Low: Up to $500 in T tokens
If tBTCv2 achieves an extremely TVL, these amounts can be revisited and increased.