Bug-Bounty Program
Incentivizing proactive security research to strengthen OLTA’s infrastructure.
OLTA runs an open bug bounty program to engage ethical hackers, developers, and security researchers in identifying potential vulnerabilities across its smart contracts and architecture.
This program is part of OLTA’s commitment to transparency, defense-in-depth, and continuous improvement.
Scope of Coverage
The bug bounty program covers:
Smart contracts handling IRT issuance, NAV calculation, and redemptions
Oracle integration, slippage smoothing, and price feed manipulation vectors
Access control and role-based permissions
Governance-related attack surfaces
UI/API interactions with onchain systems (as applicable)
Reward Tiers
Bug rewards are determined by impact severity and exploitability:
Critical
Loss of funds, minting bypass, NAV exploit
$10,000+
High
Oracle manipulation, mispricing logic
$2,500 – $10,000
Medium
Governance misconfig, gas griefing
$500 – $2,500
Low
UI/API inconsistencies, non-critical bugs
Up to $500
Disclosure Process
Submit findings to:
security@olta.financeInclude reproduction steps and, if applicable, suggested mitigation
We respond within 5 business days and confirm eligibility and reward tier
White-hat contributors may be publicly credited upon request
Responsible Research Encouraged
We welcome collaboration with researchers and firms who share OLTA’s vision for secure, transparent, and composable onchain finance.
Security is a shared responsibility. The bug bounty program gives the community a direct role in protecting OLTA’s ecosystem.
Last updated