Skip to main content
We at Relay are committed to maintaining the highest security standards for our protocol and smart contracts. That’s why we are launching a bug bounty program for those who help us identify vulnerabilities in the Relay Protocol. With our bounty, we hope to incentivize ethical hackers to discover and report vulnerabilities in our contracts and protocol. Rewards will be dependent on the severity of the bug. We always provide monetary rewards for bugs that fall under these categories:
  • Extract value from the solver
  • Exploiting our smart contracts in an unintended way that results in a loss of funds
To be eligible for the monetary rewards, this bug must be investigated and confirmed by our team. Monetary reward amounts are 10% of the value at risk, with a maximum reward capped at $100,000 USD. “Value at risk” is defined as the total value that could be extracted within a 10 minute period. This is because our product has automatic circuit breakers and alarms that would prevent losses that take longer to extract.

Reward Process & Requirements

To receive a bounty reward, the following requirements apply:
  • KYC & Background Check: A KYC (Know Your Customer) verification and background check are required before any reward can be issued.
  • Payment: Bug bounty rewards are issued in cryptocurrency.
  • Tax Documentation: Any tax-related documentation requirements (e.g., W-8BEN, W-9, or equivalent forms depending on jurisdiction) will be addressed as part of the KYC process.
If you suspect you’ve encountered a bug, please reach out directly by email: support@relay.link. We review all reports closely with the team. We will get back to you within 1 to 4 days regarding the next steps. Most responses are provided within 24 hours, barring holidays and weekends.