Disclosure channel exists

Multipli's assessment for RD-F-175 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

A public disclosure channel exists: HackenProof bug bounty program (slug: multipli-smart-contracts, started 2026-02-24, max payout $10,000, scope: on-chain smart contract code). General support email support@multipli.fi is listed in FAQ (not a dedicated security address). Program started <3 months ago with no evidence of active prior monitoring. Max payout of $10,000 vs ~$366M TVL represents a 0.003% coverage ratio — extremely thin. No dedicated security@ email. Yellow: channel exists but program is thin and evidence of active monitoring absent.

Sources #

Docs
Multipli FAQs — V1 vs V2 descriptionhttps://docs.multipli.fi/user-guide/faqsretrieved 2026-05-17
URL
HackenProof — Multipli Smart Contracts bug bounty (max $10K, started 2026-02-24)https://hackenproof.com/programs/multipli-smart-contractsretrieved 2026-05-17

Methodology #

Determine whether the protocol publishes a public security disclosure channel (security@ email, Immunefi program, in-house disclosure page).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol multipli factor RD-F-175 score yellow collected_at 2026-05-17 11:48:35