# Morpheus Bug Bounty Program

Public bug bounty programs are a critical part of Morpheus’ robust cybersecurity strategy. By engaging a global community of security researchers and ethical hackers with diverse expertise, potential vulnerabilities can be identified and resolved before they are exploited.

Morpheus offers rewards ranging from **$500 to $150,000** for eligible discoveries, depending on the severity of the vulnerability. The rewards are paid from a [Protection Fund.](/security-audits/protection-fund.md)

### Scope:

* **Primary Scope**: Vulnerabilities in the on-chain Morpheus Protocol contracts listed in [Smart Contracts](/smart-contracts.md).
* **Secondary Scope**: Vulnerabilities in the Morpheus [**User Interface**](https://dashboard.mor.org/#/capital?network=mainnet) that could lead to the exploitation of user accounts.
* **Out of Scope**: Test contracts (Sepolia or other testnets) and contracts built by third-party developers unless they affect the Morpheus Protocol or Interface.

To learn more about the full terms, eligibility criteria, and disclosure process, follow this [link](https://github.com/MorpheusAIs/Docs/blob/main/Security%20Audit%20Reports/Bug%20Bounty%20Program.md).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gitbook.mor.org/security-audits/morpheus-bug-bounty-program.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.