Status
Done
Assigned
guy
- clarify that unexpected outcomes due to improper usage of Pipeline do not warrant a bounty
- add paradox as well to immunefi on top of pipeline/depot/root token
- have bounty be a function of Beans/BDV at risk
- being able to actively damage Beanstalk is different from having used Beanstalk and being exposed to risk
- probably have BIC update the program to specify damage to Beanstalk
PoC should simply be set of clear instructions for duplicating bug that causes damage
even better if there's a code snippet such that it can be copy/pasted and then run to see the output
transferTokenFrom report was a good example of this
5% for circulating non-Bean assets