Decentralized lending protocol, C.R.E.A.M. Finance, today announced it will work with Immunefi, Armor.fi, and DeFiSafety to bolster security on the C.R.E.A.M. app and decentralized finance (DeFi) ecosystem.
The security campaign will continue this week with the launch of a $1.5 million bug bounty program with Immunefi and work to strengthen the C.R.E.A.M’s protocol, API, and website security.
“Security is the key to maturing the decentralized finance ecosystem and bringing emerging financial technology to more users across the globe. We are delivering increased project transparency through DeFiSafety, preventing hacks with Immunefi, and providing a clear path for users to buy insurance coverage with Armor.fi.”
– Leo Cheng, Co-Founder and Project Lead at C.R.E.A.M. Finance
This Immunefi bug bounty adds to C.R.E.A.M. Finance’s continued work to strengthen its ecosystem through a series of audits, bug bounties, and security features, including a comprehensive audit by Trail of Bits earlier this year.
The bug bounty will focus on the C.R.E.A.M. Finance smart contracts and the prevention of exploits on user funds, its web and app assets, and data breach vulnerabilities while providing clear incentives to whitehats who disclose vulnerabilities found in the protocol.
All rewards of the bounty will be distributed based on the simplified 5-level scale outlined in the Immunefi Vulnerability Severity Classification System.
There are separate scales for websites/apps and smart contracts/blockchains, encompassing everything from the consequence of exploitation to privilege required to the likelihood of a successful exploit.
In addition to the bug bounty with Immunefi, C.R.E.A.M. Finance will work with Armor.fi to provide users the ability to protect their funds against an exploit. Armor.fi incentivizes other DeFi users to underwrite the risk of the listed protocols by providing rewards to those that saddle the risk.
C.R.E.A.M. Finance received a score of 83% in an independent safety review by DeFiSafety, a company that provides third-party comprehensive verification on project quality, risk, and transparency. NB: A score of over 70 points is considered a passing score.