Hacker reward ceiling

We are overwhelmed by the support that Hats is receiving through early deposits to Hats vaults, totaling more than $1m of value. For us, it feels like a strong validation of the Hats vision. In this article, we introduce the Hacker reward ceiling, an extra layer of protection that lets Hats gradually allow more value to be added to the vaults.


  • Hacker reward ceiling — Determined by Hats governance, it controls the deposited amount that can be staked on Hats vaults. Withdrawals are available as always.
  • Hats risk factors — Interacting with Hats.finance platforms does not come without risks; users should do their own research and understand the risks.
  • Governance risks - Hats governance controls the protocol parameters. Governance can set a long period for withdrawal request time and essentially pause withdrawals indefinitely.

Hats.Finance is a decentralized cybersecurity incentive protocol with the objective to become the biggest cybersecurity marketplace for crypto projects and hackers. Hats.Finance allows any project, big or small, to place an existing or new bounty, along with their governance token, to incentivize hackers to disclose smart contract vulnerabilities and improve the overall security and credibility of their project.

When it comes to DeFi, what you don’t know CAN hurt you. Our security layer adds an extra layer of protection, builds credibility within your community, and earns the respect of the hacker community.

Hacker reward

Today, hackers’ efforts can go unnoticed, and their work is often underfunded. At Hats.Finance we believe hackers should be well-remunerated for being key components in the growth and security of blockchain technologies. Hats aims to have the largest and most significant incentives for hackers who submit vulnerabilities through the Hats dApp. We believe that the future of cybersecurity will start by incentivizing hackers, and we are willing to go the extra mile to ensure Hats successfully comes to fruition.

We are aware that the two biggest indicators of smart contract security are the contract deployment time and the funds at risk. As of today, Hats contracts have been deployed on mainnet after 1 month of launching our testnet bounty of 100k USDC. The Hats contract has also held around $1M of users’ funds for the last few weeks.

Our main focus remains onboarding new projects and preparing for the next step of liquidity mining and creating our own HAT-ETH pool. This will ensure more opportunities for the community to create revenue.

Deposit ceiling

Hats remains intentional in ensuring that we are constantly adding security layers to our dApp, reducing the risks to users’ funds. One of those safety measures is to let the funds locked in the protocol increase gradually, by stopping deposits in Hats.finance and opening them up again after some time. The Hacker reward ceiling goes into effect as of today, while withdrawals are available as always.

We are excited about the rapid growth of the project since its launch at the end of August 2021. We saw the need for hackers and security enthusiasts to be incentivized for their work, and since the launch, we have seen the vaults grow. The beauty of permissionless protocols is that anyone can deposit and withdraw the tokens they are holding, and we believe this will be a determining factor in the success of Hats.

The purpose behind the deposit ceiling is to allow Hats contracts to collect mileage and gain confidence from the community.

Key Components:

  • Onboarded vaults taking their time to review and audit Hats contracts.
  • A list of Hats.Finance risk factors; please read it carefully.

The hacker reward ceiling, determined by Hats governance, allows control of the deposited amount, which can also be staked on the Hats vaults. Eventually, we will be able to onboard new projects without the required deposit, and those vaults will become available closer to the Hats liquidity mining event.

Risk factors

  • Smart Contract and Software Risks

While all Hats.finance smart contracts were audited, and each of the onboarded and soon-to-join vaults checked the smart contracts carefully, security audits do not eliminate risks completely. Please only supply funds that you can afford and are willing to lose.

  • Governance and $HAT token risks

Hats governance does not control user funds. However, the governance does control the protocol parameters such as withdrawal request period, withdrawal period, and allocation points per vault. Those parameters can affect the reward given to hackers and the availability of user funds for withdrawal.

Governance can set a long period for withdrawal request time and essentially pause withdrawals indefinitely.

The data presented on the website regarding Hats distribution might not reflect the actual user distribution for two reasons:

  • There might be calculation errors in the website front end.
  • Hats governance DAO can decide to change the Liquidity mining distribution.

Interested in joining Hats?

Hats’ efforts are only possible with the support of the community that builds around it. We are always looking for devs and security experts who are interested in joining us. If you want to contribute to the security of the Ethereum ecosystem and you know Solidity or React, please contact us and we’d be more than happy to help onboard you.

As always, follow us on Twitter or join our Discord server to let us know what you want to help with.

  • 🎮 Discord, please join and introduce yourself.
  • 🐦 Twitter, follow for updates and news.
  • ✉️ Telegram, follow for updates and discussion.




Hats.Finance a decentralized smart bug bounty marketplace. Permissionless, scalable, and open bug bounty protocol that allows anyone to provide liquidity.
