If you are using the Vaults System, then all payments, including goodwill payments, must be sent to whitehats via your vault. As with regular vault payments, Immunefi's 10% fee will automatically be added to the total amount.
Regarding assets currently supported, we recommend stablecoins and ETH, as whitehats prefer them, but projects are able to deposit any token on the Uniswap whitelist into their vault.
However, projects may only pay whitehats with whatever token is stated on their bug bounty program page. If per the terms of the bug bounty program page, the project is paying in a token that is not on the Uniswap whitelist, they must pay the whitehat manually via the Immunefi Dashboard, rather than through the vault.
Currently, there is no way to set up automated vested payments, so you will need to transfer funds from the vault manually for each payment installment.
For example, if you want to set up a 12 month vesting period, you will need to go to the report page every month to pay 1/12 of the reward.
No. If you would like an invoice, you can reach out to request one.
At this time, it is not possible to filter as we are in a beta testing period with projects wishing to launch vaults. We will be prioritizing this feature however, for the next iteration.
At this time, there is no yield generating capability but we are looking into developing this for a future iteration.