Security and Audit

Independent Audits

OnRe undergoes independent audits across both our smart contract infrastructure and our reinsurance operations. We work with established third-party partners to review our systems, identify potential vulnerabilities, and validate that our technical and operational controls meet industry and regulatory expectations.

Our smart contracts are audited by leading blockchain security firms, and our reinsurance framework is independently assessed to confirm compliance, risk management standards, and operational accuracy.

Audit reports and summaries will be shared with the community as they become available, supporting our commitment to transparency and trust.

Bug Bounty Program

OnRe operates an active bug bounty program on Immunefi, connecting security researchers and ethical hackers with our team to help identify and report potential vulnerabilities. Issues can be submitted directly through Immunefi or reported to us privately.

All reported vulnerabilities are reviewed by OnRe’s engineering team and addressed as needed. Relevant details and remediation notes are documented in our GitHub repository once fixes are completed.

Reward amounts depend on the severity of the vulnerability. Low-severity issues may receive up to USD 1,000, medium-severity issues up to USD 2,000, and high-severity issues up to USD 5,000.

Immunefi receives a 10% fee on top of the reward.