Skip to main content


Bug bounty program

In line with our strategy of being the safest way for users to access crypto:

  • Coinbase will be extending our best-in-industry million-dollar HackerOne bug bounty program to cover the Base network, the Base bridge contracts, and Base infrastructure.
  • Coinbase will be working in tandem with OP Labs to harden the security guarantees of Bedrock and accelerate the timeline for decentralized fault-proofs on the OP Stack.
  • Coinbase's bug bounty program will run alongside Optimism's existing Immunefi Bedrock bounty program to support the open source Bedrock OP Stack framework.

Reporting vulnerabilities

All potential vulnerability reports can be submitted via the HackerOne platform.

The HackerOne platform allows us to have a centralized and single reporting source for us to deliver optimized SLA's and results. All reports submitted to the platform are triaged around the clock by our team of Coinbase engineers with domain knowledge, assuring the best quality of review.

For more information on reporting vulnerabilities and our HackerOne bug bounty program, view our security program policies.