Bug Bounty

Help us make ForgeX safer. Report bugs, get rewarded, and be part of our Community Audit program.

🧭 Severity Levels & Rewards

Level

Description

Reward

🟥 Critical

Asset loss, bypass of signer/auth checks, private key exploits.

$10,000

🟧 High

Issues that could result in significant disruptions, such as unauthorized transactions, privilege escalations, or exposure of sensitive user data.

$5,000

🟨 Medium

Flaws that may cause moderate impact, including transaction inaccuracies, minor data leaks, or partial denial of service.

$2,000

🟩 Low

Minor vulnerabilities that have limited impact, such as UI inconsistencies, minor validation errors, or informational disclosures without direct exploitation potential.

$100-$500

Note: final rewards are determined based on the severity, reproducibility, and exploitability of the issue.

📥 How to Submit

Describe the issue in detail (steps to reproduce, contracts involved, expected vs actual behavior)
You can submit your report through one of the following ways:
1. Mail us at [email protected]
2. DM @james_ssc on Telegram
3. DM @forgex_tools on Twitter
Once we confirmed the issue, we will fix it and send the reward immediately. Usually won't be longer than a week.

We accept both on-chain and off-chain reports, and strongly encourage white-hat disclosure principles.

⚠️ Responsible Disclosure

Do not exploit bugs for personal or public gain.
Do not share vulnerabilities publicly until we confirm a fix is deployed.
Acting maliciously may disqualify you from rewards and lead to further action.

PreviousCommunity Compensation NextPrivacy Policy

Last updated 9 months ago

Was this helpful?

hashtag🧭 Severity Levels & Rewards

hashtag📥 How to Submit

hashtag⚠️ Responsible Disclosure

🧭 Severity Levels & Rewards

📥 How to Submit

⚠️ Responsible Disclosure