# Bug Bounty

## Overview

The SNS Bug Bounty Program is set to incentivize responsible bug disclosure by our users. This program prioritizes bugs detected in the Bonfida smart contracts and is not focused on UI bugs.&#x20;

Appropriate rewards will be distributed to users detecting medium to critical severity bugs on the core contracts of SNS.

We have partnered with the leading web3 bug bounty platform, **Immunefi**, to host this.

### Immunefi&#x20;

{% hint style="danger" %}
**The bug bounty can be found here:** [**https://immunefi.com/bug-bounty/sns/information/**](https://immunefi.com/bug-bounty/sns/information/)
{% endhint %}

This home provides the terms of use, rules, scope, rewards and disclosure policies.\
\
Please note that there are requirements to appropriately disclose bugs in order to be eligible for rewards:

1. Provision of KYC is required to receive a reward.&#x20;

{% hint style="info" %}
**KYC information is only required on confirmation of the validity of a bug report.**
{% endhint %}

{% hint style="info" %}
**KYC information would include; a wallet address, proof of address & a copy of your passport.**
{% endhint %}

2. The bug bounty adheres to a policy that limits the information sharable from the bug

{% hint style="warning" %}
**Make sure to read the** [**Responsible Publication Policy**](https://immunefi.com/responsible-publication/) **to safeguard that you remain eligible for the reward.**
{% endhint %}

3. Assets determine whether the bug is in or out of scope. Please familiarize yourself with the assets and impacts in scope before reporting a bug

### Rewards

The size of the reward depends on the asset and the impact of scope, where low & critical bugs will be rewarded differently.

{% hint style="info" %}
**Rewards vary from 1K USD to 100K USD depending on the impact of scope.**
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sns.id/collection/programs/bug-bounty.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.