Guardian Bounty Contest Terms & Conditions
Last Updated July 2, 2025.
1.1 This bounty contest program (“Contest”) is available solely to smart contract protocols (“Protocols”) that: (i) have completed a security audit with Guardian Enterprises LLC (“Guardian,” “we,” or “us”); (ii) have been explicitly approved for deployment by Guardian (see Section 6.3); and (iii) have received written confirmation from Guardian, after the audit is complete, that they have been selected to participate in a Contest.
1.2 Participation is by invitation only and subject to Guardian’s sole discretion. Guardian reserves the right to determine eligibility at any time and may revoke or deny participation without liability or obligation to provide justification or notice.
2.1 The Bounty Contest will be hosted by Guardian and run for thirty (30) calendar days from launch (“Contest Period”), during which independent security researchers (“Auditors”) may submit vulnerability reports against the Protocol’s audited codebase.
2.2 Guardian will fund a fixed bounty pool (“Critical Pot”) for valid submissions classified as Critical Findings, based on the following conditions. The size of the Critical Pot will vary by contest and will be specified in the corresponding contest agreement.
a. Definition: A “Critical Finding” means any vulnerability which, under normal operating conditions of the Protocol and without exotic or contrived preconditions, allows an attacker to steal, lock, or otherwise irreversibly compromise access to more than twenty percent (20%) of the total user or protocol funds deployed or accessible within the smart contracts.
b. Judge Panel: All submissions will be evaluated by two (2) judges — one appointed by Guardian and one by the Protocol. Both judges must agree in writing that a submission qualifies as a Critical Finding for it to be eligible for payout. This determination must be documented and is final.
c. Unique Finding: Only the first validated submission of a Critical Finding (“Known Finding”) will be eligible. Duplicate or substantially similar vulnerabilities — including those submitted on other platforms — will be considered ineligible.
d. Disqualification: Any Auditor who tampers with live or testnet contracts, engages in malicious activity, submits findings from other platforms, or is reasonably suspected of collusion or fabrication will be disqualified from the Contest.
e. Format Disclosure: This Contest is structured as a “beat the auditor” challenge held on a first-come-first-serve basis. The Critical Pot will only be awarded if at least one Critical Finding is validated by both judges. There is no guarantee of payout if no valid Critical Findings are received.
3.1 The Critical Pot will be funded and held solely by Guardian. No other party shall have custody, control, or disbursement authority.
3.2 Guardian will disburse rewards directly to qualifying Auditors upon validation. No portion of the Critical Pot will be awarded unless a Critical Finding is validated and agreed upon by both judges.
3.3 To receive payout, Auditors must:
Failure to meet these requirements may result in delayed or canceled disbursement.
3.4 The Critical Pot is not guaranteed to be distributed.
3.5 Guardian is not responsible for rewards offered separately by the Protocol. Any such side rewards must be clearly disclosed and are entirely separate from the Guardian bounty.
3.6 Guardian retains full discretion over payment processing, and reserves the right to verify all documentation before releasing funds.
4.1 The Bounty Contest applies only to vulnerabilities in the final, approved smart contract codebase. Post-audit changes, frontend, backend, or infrastructure bugs are out of scope unless explicitly included.
4.2 Guardian is not responsible for any reward mechanisms created or funded separately by the Protocol.
4.3 Findings submitted to other platforms prior to this Contest that are similar in root cause or impact will not be eligible for payout under this Contest.
5.1 Guardian retains full discretion over contest selection, bounty funding, judge participation, disqualification, and final payout approval.
5.2 Guardian may amend these Terms at any time, including retroactive application to active or ongoing Contests. The most recent version will always govern current participation. All decisions by Guardian and judges are final and not subject to appeal.
6.1 These Terms shall be governed by the laws of the State of Delaware, United States. Disputes shall be resolved exclusively under the Delaware Rapid Arbitration Act (10 Del. C. §§ 5801 et seq.).
6.2 Guardian makes no warranties, express or implied, regarding the Bounty Contest. Guardian is not liable for indirect, incidental, punitive, or consequential damages arising from participation.
6.3 Agreement: These Bounty Contest Terms & Conditions (the “Terms”) constitute a binding agreement (the “Agreement”) between Guardian Enterprises LLC and the Protocol selected to participate in a Guardian-hosted bounty contest.
By participating in the Contest, all parties acknowledge and agree to these Terms and Conditions.