Immunefi Launches On-Chain Bug Bounty System

Immunefi, a blockchain security platform, has unveiled an on-chain system for bug bounties, as announced on Sept. 26. The new system, dubbed “Vaults,” enables Web3 developers to store funds in an on-chain address and use them to pay out bug bounties to white hat hackers.

Immunefi believes that the new system will lead to more high-quality bug reports, as it will demonstrate to white hats that sufficient funds have been allocated for bounties.

Software developers often offer rewards, known as bug bounties, to hackers who find security flaws or other bugs in their software. This allows vulnerabilities to be discovered before malicious actors can exploit them. Hackers who submit bug reports in exchange for rewards are referred to as “white hat” hackers, while “black hat” hackers use their knowledge for malicious purposes.

As stated in the announcement, the Immunefi system enables projects to deposit bug bounty funds to a Safe multisig smart contract (formerly known as a “Gnosis Safe”). This provides white hats with on-chain evidence that the funds are available. Once a bug has been submitted and verified by a project, the funds can be released to the bug reporter’s wallet.

At the launch of Vaults, Ethereum infrastructure provider SSV deposited $1 million to fund bug bounties for its software. Additionally, decentralized exchange Ref Finance, which is on the Near network, is utilizing the new system. Eridian, a contributor to the SSV DAO, believes that on-chain bug bounties will enhance the security of the DAO’s validator services, stating:

Immunefi reported in December 2022 that it had facilitated $66 million in bug bounty payments since the platform’s inception. LayerZero then released a $15 million bug bounty through Immunefi on May 17.

