Add Depot, Pipeline and Root token to Immunefi per BIC + Beanstalk assets language

  • clarify that unexpected outcomes due to improper usage of Pipeline do not warrant a bounty

  1. add paradox as well to immunefi on top of pipeline/depot/root token
  2. have bounty be a function of Beans/BDV at risk
  3. being able to actively damage Beanstalk is different from having used Beanstalk and being exposed to risk
  4. probably have BIC update the program to specify damage to Beanstalk

PoC should simply be set of clear instructions for duplicating bug that causes damage

even better if there's a code snippet such that it can be copy/pasted and then run to see the output

transferTokenFrom report was a good example of this

5% for circulating non-Bean assets