Immunefi says it has facilitated $66M in bug bounty payouts to whitehats since inception

In accordance with a brand new report launched on Dec. 21, blockchain safety agency Immunefi mentioned that it has processed greater than $65,918,994 crypto bounties paid to moral hackers over 1,248 studies since its inception on Dec. 9, 2020. Net 3.0 tasks record bounty applications on ImmuneFi to encourage whitehat hackers to report vulnerabilities and declare financial rewards, which the corporate then facilitates.

The payouts look like concentrated in nature, with bounty applications operated by Wormhole, Aurora, Polygon, Optimism, and an undisclosed agency accounting for $30.2 million value of rewards previously 12 months. The median payout was $2,000, and the typical payout was $52,800. A small variety of important vulnerability bug studies acquired the best rewards. 

“A $5,000 bounty payout for a important vulnerability may fit within the web2 world, for instance, nevertheless it doesn’t work within the web3 world. If the direct lack of funds for a web3 vulnerability could possibly be as much as $50 million {dollars}, then it is smart to supply a a lot bigger bounty measurement to incentivize good habits.”

By way of vulnerability notifications, Good Contracts points took the lead, with a complete of 728 submissions, accounting for 58.3% of paid studies. In the meantime, the Web sites and Purposes and Blockchain/Distributed Ledger Know-how (DLT) classes totaled 488 submissions (39.1) and 32 submissions (2.6%), respectively. Apparently, regardless of having a excessive variety of submissions, Web site and Purposes studies solely represented 2.9% of whole whitehat payouts, whereas Good Contract bugs accounted for 89.6% of funds.

The Wormhole vulnerability discovery resulted in a $10 million bug bounty payout | Supply: Immunefi

The bounty applications detected excessive vulnerability studies, such because the case in Pods Finance, for a logic error that allowed for theft of yield or abuse of the rewards system on the protocol. One other consists of Mushrooms Finance’s vulnerability which could possibly be probably exploited through a miner-extractable worth assault with flash bots.

The report additionally devoted a portion of ransom evaluation, revealing that malicious hackers have returned $32.7 million in funds illicitly gained from decentralized finance (DeFi) protocols throughout 5 particular conditions in 2022. Hackers have stored $6,44 million in whole ransom funds. Some consultants say that the cost of ransom to hackers quantities to giving into extortion, however practically all agree that it is a lot better to instate a bug bounty program ex ante facto. Immunefi presently gives $144 million in bounty rewards by means of Net 3.0 tasks listed on the platform. 

Subscribe to our mailing list to receive new updates and special offers

We don’t spam! Read our [link]privacy policy[/link] for more info.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
You have not selected any currencies to display