Polkamarkets Labs’ primary concern is the security of the smart contracts that power the Polkamarkets Protocol. We are happy to reward security researchers that find critical vulnerabilities in those smart contracts that would endanger users, their wallets and/or their funds, at scale.
We are thankful to any researcher who wishes to report a vulnerability, even if the vulnerability or flaw falls outside of the scope of bug bounties. All vulnerabilities must be disclosed with our Responsible Disclosure policy.
The Polkamarkets Data API and Web Application are blockchain clients. Their role is to make it easier for anyone to participate in the Polkamarkets Protocol, and have a significantly lower risk profile. We will only consider bounties for researchers that identify vulnerabilities that endanger users, their wallets, and/or their funds, at scale.
Systems that are operated by third-parties are considered out-of-scope for bug bounties.
The Polkamarkets Protocol, Data API and Web Application are open source software. Please check out the Developer documentation for more information.