CLMM Bug Bounty Details

Raydium's full bug bounty program with ImmuneFi can be found at: https://immunefi.com/bounty/raydium/

Only those in the Assets in Scope table are considered as in-scope of the bug bounty program.

Documentation and instruction for PoC can be found here:

A public testnet of Raydium can be found at https://explorer.solana.com/address/proKtffCScMcwkFkPHFcuHawN7mWxRkhyh8PGxkTwYx. However, note that testing on the public testnet is prohibited by the program rules. The public testnet is provided for reference only.

If a Critical Impact can be caused to any other asset managed by Raydium that isn’t on this table but for which the impact is in the Impacts in Scope section below, you are encouraged to submit it for consideration.

Concentrated Liquidity Assets in Scope

Please email security@reactorlabs.io with a detailed description of the attack vector. For high- and critical-severity reports, please include a proof of concept. We will reach back out within 24 hours with additional questions or next steps on the bug bounty.

Last updated