Alisa Davidson
Revealed: April 14, 2026 at 3:16 am Up to date: April 14, 2026 at 3:17 am
Edited and fact-checked:
April 14, 2026 at 3:16 am
In Transient
Polymarket launches a Cantina-hosted bug bounty providing as much as $5M, focusing on vulnerabilities throughout good contracts, internet programs, oracles, and collateral infrastructure on its Polygon-based platform.
Prediction market platform Polymarket launched a bug bounty program in partnership with the Web3 safety platform Cantina, providing rewards of as much as $5 million. The initiative targets vulnerabilities throughout the platform’s full infrastructure, together with good contracts, collateral programs, oracle integrations, and its internet software.
The platform, recognized for enabling customers to put real-money bets on occasions equivalent to elections, central financial institution selections, and main sports activities outcomes, has processed billions of {dollars} in buying and selling quantity, significantly through the 2024 United States election cycle. Its contracts function on the Polygon Proof-of-Stake community and incorporate a number of settlement pathways, a number of signature verification strategies, and a system that bridges stablecoins with an inner token.
This system is split into two important areas. The primary focuses on alternate and settlement infrastructure, which features a set of 18 good contracts accountable for commerce execution, price dealing with, collateral administration, oracle-based decision, and pockets deployment. It additionally covers integrations with the Gnosis Conditional Tokens framework, although core points inside that framework are excluded. The second space addresses vulnerabilities throughout the internet platform, together with crucial dangers equivalent to distant code execution, information breaches, subdomain takeovers involving pockets interplay, and malicious transaction injection.
Incentive Construction And Severity Classification
Rewards are structured by severity. For good contract vulnerabilities, crucial findings can obtain between $50,000 and $5 million, whereas high-severity points might earn as much as $500,000. Net-related vulnerabilities provide decrease most payouts, with crucial points reaching as much as $250,000. Severity ranges are decided primarily based on a standardized framework that considers each influence and chance.
A number of technical options are anticipated to draw safety researchers. The platform’s newer alternate contracts use low-level meeting optimizations for processes equivalent to hashing and occasion dealing with, which might introduce dangers not usually current in higher-level code. The signature verification system helps a number of validation varieties, every interacting with a nonce mechanism designed to stop replay assaults, creating potential edge circumstances.
The collateral system provides additional complexity by changing user-deposited stablecoins into an inner token by means of an upgradeable contract, which then interacts with a conditional token framework to handle positions. Further adapter layers are used for multi-outcome markets, rising the variety of potential vulnerability factors. Oracle performance is dealt with by means of UMA’s Optimistic Oracle, with adapter contracts linking oracle outcomes to market settlement additionally included in scope.
To be able to qualify for higher-tier rewards, submissions should embody detailed proof-of-concept demonstrations. Good contract stories require reproducible exams on a neighborhood Polygon atmosphere, whereas internet vulnerabilities should embody clear replication steps and supporting proof. All stories are submitted through Cantina, with immediate disclosure inspired.
This system highlights Polymarket’s advanced structure and vital monetary exercise, positioning it as a high-value goal for safety analysis.
Disclaimer
According to the Belief Venture pointers, please notice that the data offered on this web page just isn’t meant to be and shouldn’t be interpreted as authorized, tax, funding, monetary, or another type of recommendation. You will need to solely make investments what you’ll be able to afford to lose and to hunt impartial monetary recommendation when you’ve got any doubts. For additional data, we propose referring to the phrases and situations in addition to the assistance and help pages offered by the issuer or advertiser. MetaversePost is dedicated to correct, unbiased reporting, however market situations are topic to alter with out discover.
About The Creator
Alisa, a devoted journalist on the MPost, focuses on crypto, AI, investments, and the expansive realm of Web3. With a eager eye for rising tendencies and applied sciences, she delivers complete protection to tell and have interaction readers within the ever-evolving panorama of digital finance.
Extra articles
Alisa, a devoted journalist on the MPost, focuses on crypto, AI, investments, and the expansive realm of Web3. With a eager eye for rising tendencies and applied sciences, she delivers complete protection to tell and have interaction readers within the ever-evolving panorama of digital finance.
Extra articles
