Tempus has joined the bug bounty program that was implemented by Hats Finance. An announcement about this was made last week.
You can see the active Vaults here: https://app.hats.finance/vaults
The Hats Bug Bounty program is decentralized and requires that we deposit tokens into a Vault. If a bug is reported, we will tap into these funds to pay the person who reported the issue.
I recommend that we fund the contract with 1 million TEMP to start with (current market value is around $140,000) using Treasury funds. The idea is that the bounty will scale as the TEMP token price increases. We will have a chance to later increase/decrease the bounty.
I expect this to be non-controversial. Please give us your thoughts below - we expect to move this up to the Snapshot voting phase by w/c 17 January 2022.
This is a must for me. Security is very important for every DeFi protocol, and bug bounty is one way of securing the protocol.
Let’s move this to a quick temperature check already, please vote below:
- Yes, let’s do it!
- No, I think it’s a bad idea
I agree with @mijovic and value security very highly. Bug bounties are an established way to improve security, next to audits, and I therefore support this proposal.
Bug bounty is indeed a must have. Good idea!
Tempus also uses Immunefi according to the website. Which program attracts the most/best whitehats? Should we have a look at other programs as well?
I think having two different bug bounties makes sense. ImmuneFi is the market leader here. Hats complements it nicely with this bug bounty that scales. We could, however, increase the bounty $ amount later.
We are also working on securing protocol level insurance coverage for around USD 10 million which will complement the existing bug bounties.
I think this proposal is non-controversial so I suggest we move it up to the Snapshot voting phase next week.
I agree with this proposal - security is of the upmost importance in the DeFi space. Establishing a bug bounty program is just one of the many things we can be doing to enhance the security of Tempus.
It couldn’t have come at a better time with the new Rari integration the Yearn one announced. As the protocol attracts more users, I am happy to see Tempus prioritize security.
This governance proposal has passed with a large majority.
We have now implemented this proposal by transferring 1 million $TEMP tokens into the Hats Tempus bug bounty vault from the Tempus Treasury.
Transaction hash: here.
This discussion will now be closed.