## Sovryn Partners with Immunefi to Launch Formal Bug Bounty Program
In Community Call #58, Sovryn announced a major enhancement to its security framework: the launch of a formal, public **bug bounty program** hosted on Immunefi, the premier platform for web3 security. This program invites ethical hackers and security researchers from around the world to scrutinize Sovryn’s code and rewards them for finding and reporting potential vulnerabilities.
### Why a Formal Bug Bounty Program?
While Sovryn has always undergone rigorous internal testing and external audits, a public bug bounty program adds another critical layer of defense. It leverages the collective intelligence of the global security community to provide continuous, adversarial testing of the protocol’s smart contracts. This ‘many eyes’ approach is a best practice for top-tier DeFi projects and is essential for maintaining the highest level of security.
### How it Works
1. **Partnership with Immunefi:** By partnering with Immunefi, Sovryn gains access to a large community of trusted, world-class security researchers. Immunefi also provides a standardized platform for triaging reports and managing payouts.
2. **Scope and Rewards:** The program clearly defines which smart contracts and assets are in scope. Rewards scale with the severity of the discovered vulnerability, with the most critical bugs (e.g., those that could lead to a direct loss of user funds) carrying rewards of up to hundreds of thousands of dollars.
3. **Responsible Disclosure:** Researchers must follow a responsible disclosure process, reporting vulnerabilities privately to the Sovryn team through the Immunefi platform. This ensures that any discovered flaws can be patched before they are publicly known or exploited.
### A Commitment to Security
The launch of this program is a clear statement of Sovryn’s unwavering commitment to security. It demonstrates that the team is proactive about identifying and mitigating risks and is willing to significantly invest in protecting user funds. For users, the bug bounty program provides an additional layer of confidence and assurance that the platform they are using is among the most secure in the DeFi space.