OADA Bug Bounty

Optim Labs
2 min readJun 12, 2024

With the upcoming launch of Optim’s OADA, it’s time to harness the power of open-source to further enhance the security and reliability of the smart contracts that underpin the protocol. Optim Labs is proud to continue our commitment to building secure, reliable and trustworthy decentralized applications on Cardano by inviting fellow developers and security researchers across the ecosystem to participate in our upcoming bug bounty program.

While all of the contracts have already undergone extensive auditing by Anastasia Labs, bug bounties to incentivize code review by the many talented engineers within the larger Cardano community are a testament of our dedication to upholding the highest standard of smart contract security. By utilizing the collective experience of talented Aiken developers we can further increase the confidence in the safety of our upcoming platform and our mission to provide quality products to our users.

The bug bounty will be for the OADA Core system.

Bug Bounty

The code subject to the bug bounty: github.com/OptimFinance/clean-code

50,000 ADA is the total amount up for grabs. Vulnerabilities will be classified into the following categories, with the classification and exact payout amount subject to Optim Labs discretion. The classification and descriptions come directly from Anastasia Labs.

  • Critical: This vulnerability has the potential to result in significant financial losses to the protocol. They often enable attackers to directly steal assets from contracts or users, or permanently lock funds within the contract.
  • Major: Can lead to damage to the user or protocol, although the impact may be restricted to specific functionalities or temporal control. Attackers exploiting major vulnerabilities may cause harm or disrupt certain aspects of the protocol.


  • Bug Bounty Program Runs for 2 weeks 6/12/24–6/26/24
  • Discover previously unreported vulnerabilities and report via a support ticket on our Discord server https://discord.gg/VZ329q7x69
  • Findings will be reported by Optim Labs at a future date once the issue is resolved
  • Include enough documentation to replicate the vulnerability. Provide a full description of the problem with at least a conceptual and accurate exploit mechanics given
  • First reporter of an issue receives the bug bounty