Bug Bounty Program


Security is everything

Boba is partnering with Immunefi to create a bug bounty program to reward individuals for finding and reporting security vulnerabilities in the Boba code. If you discover a bug or vulnerability, we encourage you to report it to us. We are committed to working with the community to identify and fix any security issues as quickly as possible.


Rewards for eligible bug reports will be based on the severity of the issue and distributed through the Immunefi vulnerability system. Rewards may range from $1,000 to $1,000,000 depending on the impact and complexity of the issue.

Payouts are denominated in USD by the Boba Foundation. However, payouts are done in USDC.

KYC required

Boba Network requires KYC to be done for all bug bounty hunters submitting a report and wanting a reward for critical and high threat levels. The information needed is proof of your identity. The collection of this information will be done by the Boba Foundation.

Submit a bug

To submit a bug report, please follow the instructions on the bug bounty page to submit a report. This may involve filling out a form or sending an email to a designated email address. Thank you for helping us make our platform more secure!