Immunefi
Blog
Platform
Bug Bounty ProgramsPR ReviewsAuditsAudit CompetitionsInvite OnlySafe HarborVaultsManaged TriageHelp Center
Security Researchers
Help for WhitehatsAll StarsLearnLeaderboardImmunefi Top 10 BugsWhitehat AwardsWhitehat Hall of FameReport FindingsResponsible Publication
LoginExplore bountiesGet Protected
Back to Explore
Audit Comp | Folks Smart Contract Library-logo

Audit Comp | Folks Smart Contract Library

|

Folks Finance is a leading DeFi platform providing innovative tools for lending, borrowing, trading and managing digital assets, all in one place. The Folks Smart Contract Library is a curated, modular collection of audited, reusable smart contracts designed to accelerate development on the Algorand blockchain. The library allows you to focus on your business logic by abstracting away common patterns and security mechanisms.

Algorand
Python

Live

8d: 5h remaining
Primary Pool
$21,000
All Stars Pool
$6,000
Podium Pool
$3,000
Start Date
07 July 2025
End Date
21 July 2025
Rewards Token
USDC
Lines of Code
440

  • Triaged by Immunefi

  • Step-by-step PoC Required

Submit a Bug
InformationScopeResources

Documentation

Title
Folks Smart Contract Library
Description
Documentation
Link
Title
Unit Testing
Description
Unit testing which may help in understanding how the smart contracts are intended to be called and operate.
Link
Title
Algorand Python
Description
Coding language information
Link
Title
Technical Walkthrough
Description
Deep dive into the Folks Finance Smart Contract Library, led by Gidon from the Folks Finance team
Link
Go to Audits & Known Issues

Asset Accuracy Assurance

  • Bugs found on assets incorrectly listed in-scope will be considered valid and be rewarded.

Private Known Issues Reward Policy

  • Private known issues, meaning known issues that were not publicly disclosed, are valid for a reward.

Primacy of Impact vs Primacy of Rules

  • Folks Finance adheres to the Primacy of Rules, which means that the whole Audit Competition program is run strictly under the terms and conditions stated within this page.

KYC Requirement

  • No KYC is required for the Folks Smart Contract Library Audit Competition

Eligibility Criteria

  • Security researchers who wish to participate must adhere to the rules of engagement set forth in this program and cannot be:
    • On OFACs SDN list
    • Official contributor, both past or present
    • Employees and/or individuals closely associated with the project
    • Security auditors that directly or indirectly participated in the audit review

Responsible Publication

  • Whitehats may publish their bug reports after they have been fixed & paid, or closed as invalid, with the following exceptions:

    • Bug reports in mediation may not be published until mediation has concluded and the bug report is resolved.

  • Immunefi may publish bug reports submitted to this Audit Competition and a leaderboard of the participants and their earnings.

Feasibility Limitations

  • When there is uncertainty about how feasible an attack is Immunefi will use our feasibility limitation standards to determine the severity of the report.

Immunefi Standard Badge

  • By adhering to Immunefi’s best practice recommendations, Flare Network has satisfied the requirements for the Immunefi Standard Badge.