# Bug Bounty

//TODO Enable once we create the bug bounty program on immunefi.

The VertoTrade bug bounty program is focused around our smart contracts, websites, and apps with a primary interest in the prevention of loss of user funds, either by direct draining of locked funds or social engineering attacks by redirecting users or forcing them to sign a transaction.

Smart Contracts and Blockchain*

Level
Critical	up to USD $1,000,000
High	USD $40,000
Medium	USD $5,000
Low	USD $1,000

*All bug reports must include a Proof of Concept demonstrating how the vulnerability can be exploited to be eligible for a reward. This may be a smart contract itself or a transaction.

Website and Apps

Level
Critical*	USD $7,500
High	USD $4,000
Medium	USD $1,500

*XSS reports are restricted to those that have an impact of prompting a user to sign a transaction or a redirect.

All payouts are done by the VertoTrade team and are pegged to the USD values set here and are payable in VERTO or REBUS.