Security of the Melon protocol is of utmost importance to the Melon Council. Melonport had several audits conducted by reputable auditors (Least Authority, Deja vu, Solidified, ChainSecurity). That being said, we encourage anyone willing to use Melon with substantial amount of AUM to conduct their own audits.
In addition to that, we welcome and reward security reports from the community with our ongoing bug bounty program.
Melon Bug Bounty program
In order to test the security of our smart contracts and thereby to detect possible vulnerabilities in our code, we invite and challenge everyone out there to find attack vectors/security vulnerabilities in the Melon protocol. A total reward pool of 247,989 DAI is available to pay out bounties. Bounties will be paid for all valid security vulnerabilities found and disclosed to the Melon Council, provided that:
- You send a report around the full method in writing to email@example.com
- The vulnerability was not reported before.
- The issue reported is not an acknowledged aspect of the system.
The bug bounty is subject to the following terms and conditions available on Github. Details here.
If you have any security concerns you would like to report, please email firstname.lastname@example.org.