Zeus
Thinking about it, might be possible to supplement monetary incentive w/ a "clout" based NFT incentive. Something like OHM minting a number of exclusive NFTs which are only distributed to bug/exploit finders. In addition to being worth something, they also functionally act as a letter of recommendation on that dev's "resume" for any future jobs in the white hat field. So with that in mind a potential structure could be:
1) Standing two tier bug bounty:
1a) Flat $X,000 reward for any bugs/exploits found which would not result in loss of user or treasury funds. Plus an exclusive Tier-1 Ohmie Bug-Slayer (or however you want to brand it) NFT marking the user who it was given to as a proven capable white hat and good actor.
1b) Flat $Y,000 reward for any bugs/exploits found which WOULD result in loss of user or treasury funds, plus Z% of the potential loss from that exploit (edit; capped at some % of RFV treasury). Plus an exclusive Tier-2 Ohmie Giga-Slayer NFT marking the user who it was given to as a proven capable white hat and good actor.
2) Plus some sort of regularized audit from a third party auditing service. Can't say whether this would be quarterly, semi-annual, monthly, etc. as I don't know the costs of that or what the appropriate scheduling would be.