Bug Bounty

Responsible disclosure scope and economic-impact triage for Avana security research.

Overview

The Avana Bug Bounty is a core part of the protocol's security model. It is designed to incentivize responsible disclosure across smart contracts, risk systems, and supporting infrastructure that can affect user funds or protocol solvency.

Avana introduces a lending system where AMM liquidity positions are used as collateral. That creates a security surface where risk is defined not only by contract correctness, but also by how liquidity, pricing, and market dynamics are translated into collateral value.

Severity is economic first: rewards are determined by exploitability and real outcomes such as fund loss, insolvency, bad debt, or systemic collateral mispricing, not just by the apparent size of the code bug.

Scope & System Architecture

Avana separates its bug bounty into distinct subsystems so triage mirrors how risk actually manifests across lending, valuation, governance, and integrations.

Program A - Core Lending

Covers the primary credit engine where accounting integrity, collateralization, and liquidation execution directly protect user funds.

Includes

  • Deposit / withdraw flows
  • Borrow / repay logic
  • Health factor and interest accrual
  • Reserve accounting and debt mint / burn
  • Liquidation core execution and caps

Primary risks

  • Theft of user funds
  • Reserve insolvency
  • Undercollateralized borrowing
  • Blocked repayments, withdrawals, or liquidations

Program B - LP Collateral & Valuation

Covers the Avana-specific valuation system for LP-backed credit, including how LP positions are priced, risk-weighted, and stress-tested under volatile market conditions.

Highest sensitivity

Includes

  • LP token onboarding logic
  • Collateral factor assignment for LP positions
  • LP share pricing and oracle integration
  • Concentrated liquidity position handling
  • Edge cases during imbalance, depegs, low liquidity, or stale oracle states

Primary risks

  • Overvaluation of LP collateral
  • Oracle manipulation enabling bad debt
  • Unfair liquidation from underpricing
  • Recursive exploit paths against mispriced LP collateral

Why it matters: This subsystem carries the highest severity ceiling because LP mispricing can create bad debt, insolvency, or unfair liquidations without requiring a traditional contract-drain exploit.

Program C - Governance, Admin, and Protocol Infrastructure

Covers privileged control surfaces that can alter parameters, upgrade contracts, pause operations, or redirect protocol-owned assets.

Includes

  • Governance executor and timelock
  • Role management and upgradeability mechanisms
  • Pause / guardian roles
  • Parameter admin systems
  • Treasury, collector, and privileged automation contracts

Primary risks

  • Unauthorized admin action
  • Upgrade hijack
  • Parameter corruption
  • Governance takeover or treasury loss

Program D - Offchain / Integration Surfaces

Covers supporting systems whose compromise can influence trusted protocol operations, user interactions, or keeper behavior.

Includes

  • Indexing or liquidation bots maintained by Avana
  • Keeper assumptions and oracle relays
  • SDK logic that can induce unsafe interactions
  • Hosted APIs used in safety-critical paths
  • Frontend issues with direct wallet-risk consequences

Primary risks

  • Malicious transaction construction
  • Compromised liquidation or oracle relay paths
  • User fund loss through trusted integrations
  • Operational outages that freeze critical actions

Each subsystem is evaluated independently during triage, but impact is always assessed holistically across solvency, user safety, liquidation integrity, and protocol-wide trust assumptions.

Severity Philosophy

Avana does not use generic vulnerability scoring as its primary severity model. Findings are judged by credible exploit paths and real economic consequences.

Critical

Direct or indirect fund loss, creation of bad debt, protocol insolvency, or systemic manipulation of collateral valuation.

High

Meaningful but bounded damage, such as incorrect liquidation behavior, partial bypass of risk controls, or contained accounting failures.

Medium / Low

Limited-impact findings, edge-case inconsistencies, non-critical logic issues, or vulnerabilities without a credible path to major economic harm.

A minor-looking implementation flaw can still be critical if it enables LP overvaluation or bad debt, while a technically interesting bug may be rated lower if it lacks a credible path to meaningful financial damage.