Skip to main content

Hunt Points Program Airdrop

How the Points Work

How the Points Work

UPDATE: As of Nov 13, 2025, Santa has given an early Christmas gift of Hunt points to security researchers to help them get through a long winter of hunting.

The Hunt Points Program, launched by the Immunefi Foundation, is an airdrop program designed to reward security researchers for making impactful security outcomes for the onchain economy via Immunefi.

Points are earned based on valid bug reports submitted on or after October 23, 2025 that have also been paid, and take into account severity, payout amount, program type, and overall earnings milestones.

The goal is to fairly recognize and reward both impactful discoveries and consistent contributions.

Here’s how the points system works. 

1. Eligible Reports

  • Only valid + paid reports earn points.
  • Unconfirmed reports are not rewarded.
  • If a report is classified as “None” or “Insight,” it still earns a small number of points as recognition for useful input.

For example: 

  • “None” reports earn 3 points.
  • “Insight” reports earn 5 points.
  • A valid Low severity report starts with 7 points.

2. Severity Multipliers

Reports with a higher severity earn more points. Each severity level builds upon the base value for a Low report.

  • Medium reports are multiplied by 1.2, giving roughly 8 points.
  • High reports are multiplied by 1.5, giving roughly 11 points.
  • Critical reports are multiplied by 2, giving roughly 14 points.

This helps reflect the greater impact of serious vulnerabilities.

3. Payout Value Modifier

The payout amount also affects how many points a report earns. Higher-value reports increase total points to recognize financial impact.

For example, reports with payouts starting at $500 receive a small boost, while those worth $1,000,000 or more earn the highest modifier.This ensures that even medium-severity issues with significant payouts get the credit they deserve.

4. Product Type Modifier

Different types of programs have different levels of impactful reports. To balance this, reports from Attackathons or audit competition programs receive slightly fewer points to account for duplicates. 

  • Bug bounty reports are multiplied by 1
  • Invite-Only Programs are multiplied by 1
  • Audit competitions/attackathons are multiplied by 0.8

5. Earning Threshold Bonuses

Security researchers who consistently earn more through valid reports receive bonus multipliers. As your total earnings grow, your overall Hunt Points for that period are multiplied.

For example, reaching $10,000 in earnings gives a 1.25x multiplier, while hitting $1,000,000 earns a 10x multiplier.

This rewards sustained performance and dedication over time.

Summary

The Hunt Points Program rewards:

  • Valid, impactful reports
  • Meaningful payouts
  • Consistent, long-term contribution

It’s built to ensure fairness, encourage depth in research, and recognize those who help make the ecosystem more secure.

Note: we may update the points system to better reward meaningful security contributions.