Security
Bug Bounty Program
Find a vulnerability in Unicorn Protocol and earn up to $100,000 USDC. The safety of user funds is our highest priority.
Critical
$100K
Theft of funds or permanent breakage
High
$25K
Temporary loss of funds or DoS
Medium
$5K
Partial loss or protocol degradation
Low
$500
Minor issues and informational
Scope
ContractStatusMax Reward
UnicornPoolManager.sol In Scope$100K
PoolRouter.sol In Scope$25K
PositionManager.sol In Scope$25K
CORN Token (ERC-20) In Scope$5K
Horn Hook contracts (third-party) Out of Scope—
Frontend / UI Out of Scope—
Rules
Submissions must be original and not previously reported or publicly known
Proof-of-concept required for Critical and High severity reports. Include reproducible steps
Responsible disclosure: give us 90 days to remediate before public disclosure
DoS attacks on mainnet infrastructure, social engineering, and front-end phishing are excluded
Horn of Fame — Leaderboard
#ResearcherFindingsEarned
10xPhantom3 findings$31,000
2ShadowByte2 findings$12,500
3MagicAudit.eth4 findings$8,200
4r3dteam_1 finding$5,000
5NullRef6 findings$3,100
Found something?
Submit your report securely via Immunefi. Include reproduction steps and a PoC for High/Critical reports.