Bug Bounties

Optimism Bug Bounty Program

Optimism takes security seriously and as such, we have a massive bug bounty program. We don't just talk about it either! We have given out one of the largest bounty payouts ever (opens new window)! You can read more about that bug here (opens new window). Below are the various bug bounty programs we have, as well as how to reach out to us if your bug is not covered by an existing bounty.

Main Bounty Page

Optimism has a very detailed Bug bounty Page on Immunefi (opens new window). In the listing you can find all the information relating to assets in scope, reporting, and the payout process.

Bedrock Audit Contest

With our upcoming launch of Bedrock we have launched a Sherlock audit contest (opens new window).

Unscoped Bug

If you think you have found a critical or major bug that is not covered by our existing bug bounty, please report it to us via the Immunefi program regardless. We will seriously consider the impact of any issues, and have previously rewarded security researchers for bugs not within the stated scope of the program.