Yala Bug Bounty Program
Yala Protocol secures Bitcoin assets. Security failures mean user losses. We need community help finding vulnerabilities.
Report Scope Smart contract bugs, cross-chain issues, cryptographic flaws, economic attacks, infrastructure problems.
How to Report Email [email protected] with: vulnerability description, impact assessment, reproduction steps, your contact info.
Our Process Acknowledge within 24 hours, assess within 72 hours, then investigate, fix, and coordinate disclosure.
Rules Don't exploit beyond proof-of-concept. Don't access user funds. Don't disrupt operations. Give us time to fix before going public.
Rewards Critical: up to $250k. High: up to $50k. Medium: up to $10k. Low: up to $2k. Based on severity, report quality, impact, uniqueness.
Contact [email protected] (mark urgent issues "URGENT")
Last updated
Was this helpful?