Report Date
December 25, 2023
Status
Confirmed
Payout
1,000
Attack due to permit in Beanstalk root contract
‣
BIR-8: Root Permit Redemption Griefing
BIC Response
After reviewing your bug report, we believe that it is in scope for our bug bounty program and the threat level is Medium.
Based on our bounty page, this submission's ( Smart Contract - Medium ) reward is based on a set of internal criteria established by the BIC (with a minimum reward of USD 1 000), primarily taking into account the exploitability of the bug, the impact it causes and likelihood of the vulnerability presenting itself.
The BIC determined that the impact of this issue is low given the that the Root contract is not functional (Roots cannot be redeemed as a result of the Beanstalk Silo V3 upgrade) and the low value of assets in the contract. For these reasons, the BIC has determined that this bug report be rewarded 1,000 Beans.