Bug bounty presence & max payout

Spiko's assessment for RD-F-007 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No public bug bounty program exists. Immunefi search returns 404. Data cache confirms bug_bounty.platform: null. Profile section 9 confirms no public bounty found after searching Immunefi, Cantina, HackerOne. $1.22B TVS across three codebases with no whitehat economic incentive for disclosure.

Sources #

URL
Immunefi Spiko (404 - program not found)Immunefi 404 no Spiko bounty program existsretrieved 2026-05-16
Internal
spiko 00-data-cache.json bug_bounty.platform fieldData cache sources.bug_bounty.platform: null confirmedretrieved 2026-05-16

Methodology #

Check whether a public bug bounty program is active for this protocol and record the maximum payout in USD.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol spiko factor RD-F-007 score red collected_at 2026-05-15 22:52:13