Frax Finance ¤
Search…
English 🇰🇾
Frax: Fractional-Algorithmic Stablecoin Protocol
Whitepaper (Core) - Frax v1
Introduction
Price Stability
Minting and Redeeming
Frax Shares (FXS)
Buybacks & Recollateralization
Liquidity Programs & Staking
Conclusion
FRAX V2 - Algorithmic Market Operations (AMO)
AMO Overview
FXS1559
Collateral Investor
Curve
Uniswap v3
Collateral Hedge
FRAX Lending
Tornado Cash
Decentralization Ratio (DR)
veFXS & Gauges
veFXS
Gauge
Cross Chain FRAX & FXS
Bridge Mechanism
Frax Price Index
CPI Peg & Inflation Hedge
Frax Price Index Share (FPIS)
Unit of Account
Oracle
FPI Controller Pool
Fraxswap
Technical Specifications
Protocol Uses & DAO to DAO Swaps
Token Distribution
Frax Share (FXS)
Guides & FAQ
FAQ
Staking
Uniswap Migration / Uniswap V3
FraxSwap / FPI
Matic / Polygon
Avalanche
BSC
Fantom
Harmony
Moonriver
Smart Contracts
All Contracts
Frax (FRAX)
Frax Share (FXS)
Multisigs
Frax Pools
Governance
Oracle
Staking
Curve AMO
AMOs
AMO Minter
Miscellaneous & Bug Bounty
API
Combined Data
Staking / APRs
Other
Audits
Media Kit / Logos
Powered By GitBook
Miscellaneous & Bug Bounty
Oracle updater bot: 0xBB437059584e30598b3AF0154472E47E6e2a45B9
Utility / helper contract deployer: 0x36a87d1e3200225f881488e4aeedf25303febcae

Front Running Mitigation & Testing Environments

Frax Protocol testing suite uses Hardhat+Truffle (with Ganache support) on all testing scripts. Front running of smart contracts are mitigated on system contracts since swaps have ceiling sizes. Thus, Frax Protocol front running is dependent on protocols that AMOs mint into rather than endogenous system contracts.

Frax Bug Bounty

Frax Finance provides one of the largest bounties in the industry for exploits where user funds are at risk or protocol controlled funds/collateral are at risk. The bounty is simply calculated as the lower value of 10% of the total possible exploit or $10m worth paid in FRAX+FXS (evenly split). Both tokens are immediately liquid. The bounty will be delivered immediately or a maximum turnaround time of 5 days due to timelock+mitigation. Slow arbitrage opportunities or value exchange over a prolonged period is not applicable to this bounty and will receive a base compensation bounty of 50,000 FRAX.
Note: This bounty does not cover any front-end bugs/visual bugs or any type of server-side code of any web application that interacts with the Frax Protocol. The above bug bounty is only for smart contract code. Smart contract code on any chain that manages Frax Protocol value and/or user deposited value is included in this bounty.
Contacts: you can reach out anonymously through any communication channel including Twitter, Telegram, Discord, or Signal.

FraxSwap / FPI Bug Bounty

We are also offering a bug bounty up to 15% of the TVL at risk, payable in FRAX, to anyone that discovers and discloses to us a catastrophic bug that causes any:
  1. 1.
    Infinite mints
  2. 2.
    Permabricking anything
  3. 3.
    Insta-drain of FraxSwap TWAMM token0/token1 reserves
  4. 4.
    Insta-drain of FPIControllerPool FRAX reserves
If there are smaller bugs / math errors, etc that leak smaller, but significant amounts of tokens over time, we will pay on a case-by-case basis.
Smart Contracts - Previous
AMO Minter
Next - API
Combined Data
Last modified 1mo ago
Export as PDF
Copy link
Contents
Frax Bug Bounty
FraxSwap / FPI Bug Bounty