CLMM bug bounty details
This page covers program-specific scope and assets for Raydium’s concentrated liquidity market maker (CLMM).
Raydium’s full bug bounty program with Immunefi can be found at: https://immunefi.com/bounty/raydium/
Documentation
Testnet reference
A public Solana testnet deployment exists at:
https://explorer.solana.com/address/proKtffCScMcwkFkPHFcuHawN7mWxRkhyh8PGxkTwYx
Public testnets are provided for reference only. Testing on public testnets or mainnet is prohibited. All testing must be conducted on private test environments.
Assets in scope
Only contracts listed in the repository below are considered in scope for the CLMM bug bounty:
If a critical impact affects any other Raydium-managed asset not listed here, but the impact matches those defined in the bug bounty overview, it may still be submitted for consideration.
Disclosure and contact
For vulnerabilities not submitted via Immunefi, please email:
📧 [email protected]
Include:
A detailed description of the attack vector
A proof of concept for high and critical severity issues
The team will respond within 24 hours with next steps or follow-up questions.
Last updated
Was this helpful?