# \[CA] Bounty Distribution Rules

In HackenProof Audit Contests, rewards are distributed fairly across valid issues, based on **severity**, **uniqueness**, and **contribution quality**. This system prevents Sybil attacks and incentivizes meaningful, original submissions.

## 💰 Budget Allocation

Each audit contest has a fixed reward pool, which is divided by issue severity:

| Severity Category                  | % of Total Rewards |
| ---------------------------------- | ------------------ |
| Critical                           | 40%                |
| High                               | 30%                |
| Medium                             | 15%                |
| Gas Optimizations & Best Practices | 5%                 |

Only valid, [in-scope submissions](/crowdsourced-audit/vulnerability-classification.md) will be eligible for rewards.

## 🔒 Fairness and Sybil Protection

To prevent abuse (e.g., the same finding submitted from multiple accounts), we use a **Sybil-resistant formula** that rewards original, high-impact discoveries more than duplicated ones.

### 🧠 How it works:

If multiple researchers report the same issue, the reward for that issue is shared using the following formula:

```
Issue Weight = 1 × (0.9 ^ (N - 1)) / N
```

Where:

* `N` = number of researchers who submitted the same issue
* The **fewer** the reporters, the **higher** the reward each person receives

This ensures:

* Original submitters earn more
* Duplicate findings still get rewarded, but fairly
* Submitting the same issue under multiple accounts does not result in more money

## 🧮 Real Example (Critical Issues)

Imagine the Critical pool is **$40,000**, and we have:

* **Issue A** reported by 1 researcher → gets full weight
* **Issue B** reported by 2 → shared weight
* **Issue C** reported by 3 → shared with further reduced weight

Their weights:

* A = 1.00
* B = 0.45
* C = \~0.27\
  **Total weight = 1.72**

Rewards:

* Reporter of A: `(1 / 1.72) × $40,000 ≈ $23,255`
* Each reporter of B: `(0.45 / 1.72 / 2) × $40,000 ≈ $5,233`
* Each reporter of C: `(0.27 / 1.72 / 3) × $40,000 ≈ $2,093`

You’ll get a **higher payout if you’re the first and only one to find a valid issue**.

***

### 📌 Summary

* All issues which improve the security of the protocol are eligible.
* **Originality is rewarded** — submitting duplicates means smaller payouts.
* No rewards for **Low** or **Informational** issues.

***

If you have any questions, feel free to reach out to our team in the HackenProof Discord or support channel.

Happy hacking! 👾


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.hackenproof.com/crowdsourced-audit/ca-bounty-distribution-rules.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.