Optimism Bug Bounty Program

The Optimism Bug Bounty Program offers up to $2,000,042(opens in a new tab) for critical vulnerabilities found in the OP Mainnet codebase. Below you can find information about the various available bug bounty programs and how to report bugs that are not covered by an existing bounty.

Main Bounty Page

Optimism has a very detailed Bug Bounty Page on Immunefi(opens in a new tab). In the listing you can find all the information relating to components in scope, reporting, and the payout process.

Unscoped Bugs

If you think you have found a significant bug or vulnerabilities in OP Stack smart contracts, infrastructure, etc., even if that component is not covered by an existing bug bounty, please report it to via the OP Mainnet Immunefi program(opens in a new tab). The impact of any and all reported issues will be considered and the program has previously rewarded security researchers for bugs not within its stated scope.