AMM v4 bug bounty details
This page covers program-specific scope and assets for Raydium’s hybrid AMM (AMM v4).
Raydium’s full bug bounty program with Immunefi can be found at: https://immunefi.com/bounty/raydium/
Documentation
Testnet references
Raydium AMM testnet: AMMjRTfWhP73x9fM6jdoXRfgFJXR97NFRkV8fYJUrnLE
OpenBook CLOB testnet: EoTcMgcDRTJVZDMZWBoU6rhYHZfkNTVEAfz3uUJRcYGj
Public testnets are provided for reference only. Testing on public testnets or mainnet is prohibited. All testing must be conducted on private test environments.
Assets in scope
Only contracts listed in the repository below are considered in scope for the hybrid AMM bug bounty:
If a critical impact affects any other Raydium-managed asset not listed here, but the impact matches those defined in the bug bounty overview, it may still be submitted for consideration.
Disclosure and contact
For vulnerabilities not submitted via Immunefi, please email:
📧 [email protected]
Include:
A detailed description of the attack vector
A proof of concept for high and critical severity issues
The team will respond within 24 hours with next steps or follow-up questions.
Last updated
Was this helpful?