Immunefi, a blockchain security platform, has introduced an innovative on-chain system for bug bounties. The system, known as “Vaults,” offers a secure way for Web3 developers to hold funds in an on-chain address and utilize them to reward white hat hackers who discover vulnerabilities. In the world of software development, bug bounties are rewards offered to hackers who identify and report exploits or bugs in software. This practice helps identify vulnerabilities before malicious actors can exploit them.
Immunefi unpacks new bug bounty system
Individuals who report bugs for rewards instead of exploiting them are referred to as “white hat” hackers, while those who misuse their knowledge for malicious purposes are termed “black hat” hackers. Immunefi’s new system, Vaults, enables projects to deposit their bug bounty funds into a Safe multisig smart contract (formerly called a “Gnosis Safe”). Because the funds are held in an on-chain address, this approach gives white hat hackers transparency, confirming that the funds are available for rewards. When a legitimate bug report is submitted and verified by the project, the funds can be released to the bug reporter’s wallet.
One notable development during the launch of Vaults was Ethereum infrastructure provider SSV depositing $1 million to support bug bounties for its software. Decentralized exchange Ref Finance, operating on the Near network, also adopted this system. Eridian, a contributor to SSV DAO, emphasized that on-chain bug bounties enhance security for the DAO’s validator services. Eridian stated that the Vaults System builds trust with researchers and streamlines the payment process, ultimately strengthening security efforts.
Bolstering blockchain security amidst rising threats
The need for enhanced security measures in the blockchain space is underscored by a significant increase in hacks during the second quarter of 2023, as reported by Immunefi in July. The data revealed a 63% increase in blockchain hacks compared to the same period the previous year, with the majority of incidents occurring in decentralized finance (DeFi) platforms. DeFi platforms suffered losses totaling $228 million across 79 hacking incidents. Immunefi’s founder anticipates that as the DeFi ecosystem continues to grow, large-scale hacks may become more prevalent.
Therefore, building trust within the community is vital to mitigate future losses. As of December 2022, Immunefi had facilitated $66 million in bug bounty payouts since the platform’s inception. LayerZero, for example, launched a $15 million bug bounty through Immunefi on May 17.
Immunefi’s introduction of the Vaults bug bounty system represents a significant step in enhancing security within the blockchain ecosystem. By offering a transparent and secure mechanism for rewarding white hat hackers, it aims to reduce vulnerabilities and potential exploits, ultimately fostering greater trust in the blockchain community. As the blockchain space continues to evolve, such initiatives become increasingly crucial in safeguarding digital assets and maintaining the integrity of decentralized platforms.