We are committed to maintaining the highest security standards for our systems and our users. As part of this commitment, we are announcing the following Bug Bounty Program, detailed below. This program is designed to encourage and reward security researchers and ethical hackers for identifying and reporting potential security vulnerabilities in our systems.

Scope:

We welcome submissions that identify vulnerabilities in our smart contracts, web applications, and APIs. Submissions should focus on finding significant security issues that could potentially impact the integrity or availability of our data, or users' funds and data.

Rewards:

For smart contract vulnerabilities:

• Critical - up to $20,000 USDC

• High - up to $10,000 USDC

• Medium - up to $5,000 USDC

• Low - up to $2,000 USDC

For web vulnerabilities:

• Critical - up to $5,000 USDC

• High - up to $3,000 USDC

• Medium - up to $1,000 USDC

• Low - up to $500 USDC

Rules:

• Do not engage in any activity that can harm Olive or its users.

• Provide us with a reasonable amount of time to fix the issue before any public disclosure.

• Do not exploit any vulnerability you find for any reason.

• Adhere to all applicable laws and regulations.

Legal:

Participation in our Bug Bounty Program is subject to our terms and conditions. By submitting a report, you agree to these terms, which include confidentiality provisions and a release of claims against Olive.

Submission:

Bug submissions can be disclosed to bugbounty@oliveapp.finance.