Bug bounty presence & max payout

Midas's assessment for RD-F-007 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Active bug bounty via Sherlock (audits.sherlock.xyz/bug-bounties/122) and Cantina (cantina.xyz/code/d77405e5-99ce-4ba5-846c-885820b030e1/overview) since 2026-03-24. Maximum payout $500,000 USDC. Scope explicitly covers mToken contracts, access control, deposit/redemption vaults, DataFeed, LayerZero OFT, Axelar vault. Meets green threshold (≥$500K active program).

Sources #

URL
Midas Bug Bounty Announcement LinkedInLinkedIn bug bounty announcement, scope detailsretrieved 2026-05-16
URL
Midas Bug Bounty on SherlockSherlock bug bounty program, $500K max, live since 2026-03-24retrieved 2026-05-16

Methodology #

Check whether a public bug bounty program is active for this protocol and record the maximum payout in USD.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol midas factor RD-F-007 score green collected_at 2026-05-16 09:34:55