Skip to main content

Bug bounty

Introduction

Euler offers a bug bounty program on Cantina with rewards up to $7.5 million. The program encourages security researchers to identify vulnerabilities across its modular lending platform, specifically in components like the Euler Vault Kit (EVK), Ethereum Vault Connector (EVC), Euler Price Oracle (EPO), and other key modules.

To report a bug, follow the instructions here.

Program highlights

  • Rewards: Up to $7.5M for smart contract vulnerabilities; website-specific bounties up to $25,000.
  • Scope: Includes the main contracts of the Euler Vault Kit, Ethereum Vault Connector, Euler Price Oracle, and Reward Streams, among others.
  • Severity definitions: Critical, high, and medium severity definitions guide reward levels, based on the vulnerability’s impact and likelihood.
  • Eligibility requirements: Only original, previously unreported, non-public vulnerabilities are rewarded; eligibility criteria must be strictly followed.

For details on severity, scope, rewards, and testing guidelines, please refer to the full Cantina documentation.