We are thrilled to announce the launch of our Velvet Capital Bug Bounty Program in partnership with Hats Finance. This step underscores our unwavering commitment to security and excellence in decentralized finance (DeFi). This is especially important as we just launched our next-gen DeFi operating system that allows anyone to create, launch, and manage on-chain funds, portfolios, & other structured products - seamlessly! Hats Finance is a leader in blockchain security solutions and we are honored to introduce a comprehensive bug bounty program with them.

Our bug bounty program is a proactive approach to discovering vulnerabilities, weaknesses, or bugs before they can be exploited by malicious actors. By incentivizing ethical hackers and security researchers with rewards, we aim to identify and rectify potential security issues within our systems.

Program Details:

• Scope: The program extends to all Velvet.Capital smart contracts (and app/website for high & critical issues). Details are available on our program page.

• Rewards: Generous bounties, scaled according to the identified bug severity, as per the Common Vulnerability Scoring System (CVSS). Details are available on our program page.

  • Low: Contract does not function as expected, with no loss of funds. The prize will be capped at 5% of the amount that could be frozen, extracted, or at risk in production at the time of disclosure.

  • Medium: Contract consumes unbounded gas, block stuffing, griefing denial of service (i.e. attacker spends as much in gas as damage to the contract), gas griefing. The prize will be capped at 20% of the amount that could be frozen, extracted, or at risk in production at the time of disclosure.

  • High: Token holders are temporarily unable to transfer holdings, users spoof each other, theft of yield - Transient consensus failures. The prize will be capped at 30% of the amount that could be frozen, extracted, or at risk in production at the time of disclosure.

  • Critical: Empty or freeze the contract's holdings (e.g. economic attacks, flash loans, reentrancy, MEV, logic errors, integer over-/under-flow), Cryptographic flaws. The prize will be capped to the amount that could be frozen, extracted, or at risk in production at the time of disclosure.

• Reporting: Reports should be submitted via the Hats Finance platform, ensuring a transparent and effective communication channel between researchers and our security team. 

We believe that security is not a one-time task but an ongoing commitment. Through this partnership, Velvet Capital and Hats Finance are dedicated to maintaining the highest security standards, building trust with our users, and fostering a secure DeFi ecosystem.

Join the Hunt Today!

We invite ethical hackers, developers, and security enthusiasts to participate in our bug bounty program. Your expertise can contribute significantly to the resilience and robustness of Velvet Capital’s next-gen DeFi operating system and the greater DeFi ecosystem!

Please visit our Bug Bounty Program page for more information on the program, including how to participate, reward structures, and terms and conditions.