Optim Finance
  • INTRODUCTION
    • Introduction
    • Roadmap
  • OADA
    • Overview
    • OADA 🟣 and sOADA 🟢
    • Flow of Funds
    • User Guides
      • Passive yield with sOADA
      • Epoch Stake Auction
    • AMOs
      • Splash DEX AMO
      • Stake Auction AMO
      • Staking AMO
    • Governance
    • Resources
  • OTOKEN Framework
    • Introduction
      • Key Benefits
      • Who is it for?
      • Inspirations & Applications
    • Framework
      • Key Concepts
      • Use Cases
      • OTOKENs
    • Core Concepts
      • OTOKEN and sOTOKEN
      • Algorithmic Market Operations (AMOs)
      • Balancing Stability, Yield, and Adaptability
    • System Architecture
      • OTOKEN Policy
      • Staking AMO
      • Collateral Management AMO
    • Extensions & Other Modules
      • DEX AMO (Liquidity & Peg Stability)
      • Stake Auction AMO
      • Borrowing & Lending AMOs
      • Other AMOs & Opportunities
    • Multiple OTOKEN Deployments
      • Ecosystem Synergy
      • Not Just Synthetic Assets
    • Vision
      • Key Pillars of the OToken Framework
      • Future Directions & Opportunities
      • An Invitation to Innovate
    • Bug Bounty Program
  • LIQUIDITY BONDS
    • Overview
    • Bond App FAQ
    • Use Cases
      • ISPO Bonds
      • SPO Bonds
    • Bond Architecture
      • Validators
      • High Level Workflow
      • Scripts Technical
      • Transaction Flow
      • Pooled Loans
    • Guides for SPOs
      • Bond Creation
      • Bond Sales
      • SPO Bond Issue Summary
      • Bond Verification
    • Liquidity Bonds Audit
  • OUSD
    • OUSD Reserves
      • Reserve Criteria
        • Stability and Reputation
        • Compliance
        • Smart Contract Security
    • Ongoing Reserves Management
      • Reserve Asset Valuation Calculation
      • Dynamic Reserve Asset Adjustment Metrics
        • Dynamic Reserves Adjustment
    • Yield, Staking, and Flow of Funds
      • Yield Modules
        • OUSD DEX AMO
        • Future Modules (v2)
      • Staking AMO
      • sOUSD Redemption Mechanism
    • Peg Protection
      • Market Depth and Liquidity
    • Governance and Risk Framework
      • Risk Capital Requirements
      • First-Loss Capital Structure
      • Asset Allocation Framework
        • Static Governance Parameters
        • Dynamic Allocation System
    • Financial Engineering Audit
  • Leviathan
    • System Architecture
      • Background
      • Concurrency Limitations
      • Complexity in Transaction and Contract Management
    • Core Concepts
      • Deterministic Transaction
        • Guaranteed Transaction
      • Instant Finality
        • Liveness and Safety
        • Probabilistic Finality vs Instant Finality
      • Account Abstraction
        • Concept of Account Abstraction
        • Technical Implementation
        • Security and Operational Implications
      • Intent Based Transactions
        • The Infrastructure and Process of IBTs
        • Declarative Constraints in IBTs
      • Layer 2
        • Types of Layer 2 Solutions
      • Sequencers
        • Core Functions of Sequencers
        • Role in Layer 2 Rollups
        • Challenges
    • System Components
      • Understanding the System Components
      • Optim-Account (Intents to enable tx chain)
        • User Interaction and Intent Submission
        • Intent Structuring and Authentication
        • Smart Contract Functionalities and Operational Parameters
        • The Necessity of an Account-Based Framework
        • Account Abstraction and Its Role in Leviathan
      • Leviathan Sequencer System (tx chain building)
        • The Role of the Leviathan Sequencer System in Conjunction with The Optim Account
        • Sequencing and Ordering of Transactions
        • The Role of Time in the System
        • The Pragmatic Leviathan: Dealing with Potential Changes
      • The Role of OADA in the Leviathan System
        • Operational Simplification of Staking Mechanisms via OADA Integration
        • Facilitating Time Dilation and Composability
    • Processes
      • Entering Leviathan
      • Transaction Execution
      • Leaving Leviathan
    • High Level Overview
      • System Design
        • Account Abstraction Functionality
        • Guaranteed Transactions
        • Instant Finality
        • Unbreakable Transaction Chaining
        • Layer 2 Execution Environment
        • Future Sequencer Network
      • System Context
        • Limitations of current transactions chaining paradigm
        • Limitations of current inter dApp composability issues
        • Explanation of basic design and non-custodial asset inputs
        • Intent Based Transactions
        • Account Base vs eUTxO model app architecture
      • Theoretical Applications
  • GOVERNANCE
    • Governance Overview
      • Proposal Temp Check
      • Governance Proposal
        • On/Off Chain Mechanics
      • ODAO
    • Tokenomics
      • Categories
      • Vesting
    • Optim DAO Wallets
    • Protocol Profits
  • GUIDES
    • Transaction Chaining
      • Background
      • Overview
      • Pool Transaction Chaining
    • OPTIMiz Conversion
  • ODAO Stack
    • Introduction
    • Design Principles
    • Why Optim DAO Stack?
      • Current Limitations
      • ODAO Solutions
    • Key Features
      • Snapshot Voting
      • Treasury Management
      • Proposal Execution
    • System Architecture
      • Modular Framework
      • On-Chain Logic
      • Off-Chain Operations
      • User Interfaces
    • Core Modules
      • Snapshot Voting Module
      • Treasury Management Module
      • Proposal Execution Module
    • Future Roadmap
      • Potential Future Enhancements
      • Long Term Vision
Powered by GitBook
On this page
  • Report Summary
  • Perpetual Bounty
  • Full Report
  1. OTOKEN Framework

Bug Bounty Program

PreviousAn Invitation to InnovateNextOverview

Last updated 2 months ago

Report Summary

The OADA Bug Bounty Program was launched by Optim Finance to reinforce the security of its OToken Framework smart contracts prior to release. The two-week program (June 12–June 26, 2024) invited developers and security researchers to scrutinize the code at github.com/OptimFinance/clean-code, backed by a 50,000 ADA reward pool. Participants were asked to report potential vulnerabilities via the Optim Finance Discord, and issues were classified according to severity (Critical or Major), in line with guidelines from Anastasia Labs.

During the bounty period, four researchers submitted inquiries regarding specific contract processes. After discussions with the lead developer to clarify system design choices, no exploitable vulnerabilities were identified or reported. As a result, no payouts were awarded. This outcome, together with prior audits by Anastasia Labs, provides strong assurance of OADA’s security.

Perpetual Bounty

Moving forward, Optim Finance has established a perpetual bug bounty with a 20,000 ADA pool to encourage ongoing community vigilance. This measure ensures that any future vulnerabilities discovered—at any time—can be promptly reported and resolved, reinforcing the protocol’s commitment to security, reliability, and transparency.

Full Report

111KB
OToken Bug Bounty Report.pdf
pdf