Announcement2 min read

The Chronicle Protocol Bug Bounty is Live

Angus TookeyImage of Angus Tookey
Angus Tookey·

There is nothing more important for an Oracle protocol than security. This is why we designed Chronicle as a decentralized protocol, ensuring no single actor has the power to maliciously manipulate the network.

It’s also why we have commissioned some of the best and most professional auditing bodies in the industry to test it: Chain Security, Spearbit, and ABDK have performed multiple audits on every element of Chronicle Protocol, particularly Scribe, our new and groundbreaking blockchain Oracle design.

However, our commitment to decentralization goes beyond infra. There is power in the decentralization of security auditing too, which is why we have commissioned an ongoing bug bounty with Cantina.

Discoveries will be rewarded

There is no end date for this bug bounty, and the smart contracts in scope are related to our new and novel Oracle architecture, Scribe.

Discoveries with high impact or high likelihood severity will be rewarded up to $50,000 USD, and discoveries with medium likelihood or medium impact severity will be rewarded up to $30,000 USD and $10,000 USD.

Of particular interest to us are discoveries around:

  • Unauthorized auth access
  • Unauthorized addition or removal of validator (also known as a feed)
  • Being able to report a malicious price update
  • Constructing a non-challengeable, invalid opPoke
  • No "special" evm assumptions, i.e. evm fragmentation is a big issue and we want Scribe to be deployable on L2s, etc without adjustments

Dive into the details and join the bug bounty via the Cantina page here:

Chronicle Labs Bounty | Cantina

Related Posts