Skip to main content

Hunt Points Program

How the Points Work

How the Points Work

The Hunt Points Program, launched by the Immunefi Foundation, is designed to reward security researchers for making impactful security outcomes for the onchain economy via Immunefi.

Points are earned based on valid bug reports submitted on or after October 23, 2025, and take into account severity, payout amount, program type, and overall earnings milestones.

The goal is to fairly recognize and reward both impactful discoveries and consistent contributions.

Here’s how the points system works. 

1. Eligible Reports

  • Only valid reports earn points.
  • Unconfirmed reports are not rewarded.
  • If a report is classified as “None” or “Insight,” it still earns a small number of points as recognition for useful input.

For example: 

  • “None” reports earn 3 points.
  • “Insight” reports earn 5 points.
  • A valid Low severity report starts with 7 points.

2. Severity Multipliers

Reports with a higher severity earn more points. Each severity level builds upon the base value for a Low report.

  • Medium reports are multiplied by 1.2, giving roughly 8 points.
  • High reports are multiplied by 1.5, giving roughly 11 points.
  • Critical reports are multiplied by 2, giving roughly 14 points.

This helps reflect the greater impact of serious vulnerabilities.

3. Payout Value Modifier

The payout amount also affects how many points a report earns. Higher-value reports increase total points to recognize financial impact.

For example, reports with payouts starting at $500 receive a small boost, while those worth $1,000,000 or more earn the highest modifier.This ensures that even medium-severity issues with significant payouts get the credit they deserve.

4. Product Type Modifier

Different types of programs have different levels of impactful reports. To balance this, reports from Attackathons or audit competition programs receive slightly fewer points to account for duplicates. 

  • Bug bounty reports are multiplied by 1
  • Invite-Only Programs are multiplied by 1
  • Audit competitions/attackathons are multiplied by 0.8

5. Earning Threshold Bonuses

Security researchers who consistently earn more through valid reports receive bonus multipliers. As your total earnings grow, your overall Hunt Points for that period are multiplied.

For example, reaching $10,000 in earnings gives a 1.25x multiplier, while hitting $1,000,000 earns a 10x multiplier.

This rewards sustained performance and dedication over time.

Summary

The Hunt Points Program rewards:

  • Valid, impactful reports
  • Meaningful payouts
  • Consistent, long-term contribution

It’s built to ensure fairness, encourage depth in research, and recognize those who help make the ecosystem more secure.

Note: we may update the points system to better reward meaningful security contributions.