Wormhole Awards $10M to White-Hat Hacker in Bounty Program

Please fol­low and like us:
Pin Share

Worm­hole has award­ed $10 mil­lion to a white-hat hack­er who report­ed a bug in its Ethereum core bridge con­tract. This is part of the boun­ty pro­gram announced in Feb­ru­ary after los­ing $323 mil­lion to an exploit.

The bug in ques­tion “was an upgrade­able proxy imple­men­ta­tion self-destruct bug that helped pre­vent a poten­tial lock­up of user funds.” 

In the blog post announc­ing the pay­ment, Immune­fi explained every­thing about the vul­ner­a­bil­i­ty and how it fixed the issue.

Worm­hole part­nered with Immune­fi for the boun­ty pro­gram, which offered rewards based on the poten­tial lev­el of impact. For exam­ple, a low-lev­el bug will attract a $2,500 reward, while crit­i­cal bugs could earn any­one who dis­cov­ers them up to $10 million. 

Satya0x, an anony­mous white-hat hack­er, dis­cov­ered the bug on Feb­ru­ary 24, and accord­ing to the announce­ment, the team imme­di­ate­ly fixed the prob­lem. This ensured that Worm­hole didn’t lose any user funds, unlike the last exploit.

Accord­ing to Immunefi, 

Worm­hole is send­ing a clear mes­sage with this pay­out to the best, most tal­ent­ed white hats on the plan­et that if they respon­si­bly dis­close secu­ri­ty vul­ner­a­bil­i­ties to Worm­hole, they’ll be well tak­en care of.

The announce­ment also shared state­ments from the hack­er, who described blockchain secu­ri­ty as an exis­ten­tial threat. He expressed his delight in help­ing to mit­i­gate the effects of this seri­ous vul­ner­a­bil­i­ty to the cryp­to ecosystem.

“If we fail to rec­og­nize and aggres­sive­ly reduce sys­temic risk; if we fail to pro­vide the trans­paren­cy and tool­ing need­ed for users to make informed deci­sions; if we con­tin­ue to con­demn sim­ple mis­takes while prais­ing Total Val­ue Lost as the sole mea­sure of suc­cess — we risk enabling the reemer­gence of the very pow­er struc­tures we seek to destroy,” satya0x added.

Worm­hole is a cross-chain pro­to­col that links Ethereum and Solana net­works. The bridge allows users to move assets between dif­fer­ent blockchain net­works by wrapping. 

Cryp­to bridges are quite vul­ner­a­ble to exploits. Less than 2 months ago, hack­ers exploit­ed the Ronin Bridge to steal over $600 mil­lion from Axie Infin­i­ty. Worm­hole itself was a vic­tim of a hack that result­ed in the loss of over $300 million.

What do you think about this sub­ject? Write to us and tell us!

Disclaimer

All the infor­ma­tion con­tained on our web­site is pub­lished in good faith and for gen­er­al infor­ma­tion pur­pos­es only. Any action the read­er takes upon the infor­ma­tion found on our web­site is strict­ly at their own risk.

Source link

Please fol­low and like us:
Pin Share

Leave a Reply

Your email address will not be published. Required fields are marked *