# Bug Bounty Program

Introduced & approved by the DAO in [PGP-28 l Immunefi Bug Bounty Program](https://gov.parallel.best/t/pgp-28-l-immunefi-bug-bounty-program/478), the Parallel Bug Bounty Program is live since June 30 2025 via ImmuneFi, and accessible here:

{% embed url="<https://immunefi.com/bug-bounty/parallel/information/>" %}

## Rules

A maximum reward of $250,000 USD is available for the most critical impacts of Parallel Protocol’s bug bounty program. Reward amounts are adjusted depending on the impact and the volume of the funds at risk (e.g. the maximum reward would only be paid if it is proven that a vulnerability would allow exploitation of protocol’s total value locked).

A minimum reward of $50,000 USD should be paid for other critical bugs in order to incentivize security researchers against withholding reports. Moreover, the validity of every single bug report is determined not by Immunefi, but by Parallel’s bug bounty program administrators. However, the Immunefi mediation team is available whenever there are any disputes in any of the bug report submissions. Cooper Labs, Mimo Labs, and the Immunefi teams determined these amounts according to industry best practices and by benchmarking the programs of similar projects on our platform.

The complete program rules can be analyzed [here](https://immunefi.com/bug-bounty/parallel/information/).

Mimo Labs and Cooper Labs have been appointed as administrators of the bug bounty program. They are responsible for validating bug reports and have the authority to transfer funds from the insurance fund without proposal, conditioned to a post detailing the bug found, the amount paid and its resolution. They can also update the program at any time.

The bug bounty program service includes the hosting and design of the bounty program, a co-marketing plan, 24/7 coverage managed triage plan, one mitigation review, and free access to a Safe Harbor module. This means Immunefi’s internal triage team filter all spam and low-quality reports, and manage other initial engagements with the security researchers as per its [Time Saver plan](https://immunefi.com/managed-triage/), helping to minimize the time triaging reports by Parallel’s administrators. Immunefi’s Safe Harbor is a legal framework developed by the Security Alliance (SEAL) for protocols to empower whitehat security researchers to rescue funds during a blackhat attack and redirect those funds back to a protocol-controlled vault on Immunefi’s platform, in exchange for up to 60% of the max critical reward to deter against abuses.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.parallel.best/security/bug-bounty-program.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.