[SIP #3] Community Bounty Pool

Hi @zeni (cc: @hellwolf @dopamino)

Confirming on behalf of Sherlock: no fixed fee is applicable for managing the Community Bounty Program.

@Sherlock - thank you for the quick reply.

Are there any other fees involved? If so, could you please provide details?

Hey @zeni - there are no fixed fees at all involved with the bug bounty program. We do typically take a percentage of any payouts from bugs found, but this part is typically negotiable with the team.

Separately though, if the team decided to engage us for an audit, that would have a cost based on the scope of the engagement.

Hey @Zeni and Superfluid DAO,
Just to clarify, our proposal is fully inclusive, with no extra fees for individual bug reports or audit competitions. Everything is covered under a single subscription, including:

  • Managed Triage with expert-led validation and filtering
  • Mitigation Reviews to verify patch quality and completeness
  • Bug Bounty Program + Audit Competitions
  • Early access to Magnus, our AI-powered SecOps platform
  • Zero judging fees and automated Vault payouts

Superfluid has already paid out ~$500K to whitehats on Immunefi, many of whom are already experienced with the Superfluid protocol. The bounty program will have the attention of 50,000+ registered researchers, and for an even more tailored approach, we can run an invite-only Audit Competition focused on whitehats already familiar with your codebase.

We’re happy to adjust the numbers if needed; the DAO can mix and match services based on your priorities, and pricing will scale accordingly. Our goal is to deliver a security program rooted in quality, experience, and long-term sustainability.

Voting for this proposal has ended.
Results are available here
Sherlock 92.77%, Immunefi 7.23%

Superfluid Foundation will now proceed with the next steps listed in the proposal.

Thank you @dopamino and Superfluid community for providing us with the opportunity to continue our valued collaboration!