Wormhole Announces $10M Bug Bounty Payout

Crypto bridge Wormhole paid a white hat hacker $10 million in February after he revealed a problem in its core bridge contract on Ethereum. According to Immunefi, which collaborated with Wormhole to host its bug bounty site, that person goes by the moniker satya0x. Wormhole revealed the scheme in February, just days after losing over $323 million in ETH to a hacker in one of the largest DeFi protocol attacks to date. It quickly refilled its blockchain bridge and offered the attacker $10 million in exchange for the funds. Wormhole’s program offers bounty rewards in tiers according to how serious the threat is. For instance, a “low” level smart contract bug can earn someone up to $2,500, while a “critical” one can lead to a prize of up to $10 million — the exact amount that satya0x was awarded. “Wormhole is sending a clear message with this payout to the best, most talented whitehats on the planet that if they responsibly disclose security vulnerabilities to Wormhole, they’ll be well taken care of,” Immunefi said. According to Immunefi, no user funds were lost before the fault was discovered since Wormhole was able to respond swiftly, verifying and addressing the problem the same day (February 24). Satya0x stated in a statement posted by the crypto platform that the issues of blockchain security constitute an “existential danger” to the network’s future. “I am proud to have played a role in mitigating a serious vulnerability and...