We operate a bug bounty program to financially incentivize independent researchers (with up to $10,000,000 USDC) to find and responsibly disclose security issues in Wormhole.
If you find a security issue in wormhole, we ask that you immediately report the bug to our security team.
We engage 3rd party firms to conduct independent security audits of Wormhole. At any given time, we likely have multiple audit streams in progress.
As these 3rd party audits are completed and issues are sufficiently addressed, we make those audit reports public.
- January, 10, 2022 - Neodyme
- Scopes: Solitaire, Solana Contracts, Ethereum Contracts, Terra Contracts, and Guardian