Wormhole awarded $10 million to a white-hat hacker who reported bugs. After a $323 million exploit, the crypto bridge launched a bug bounty programme in February.
Crypto bridge Wormhole paid out $10 million to a white-hat hacker who revealed a bug in its core Ethereum bridge contract in February.
This person goes by the pseudonym “satya0x”, according to an announcement from Immunefi. Wormhole is hosting its bug bounty platform.
Wormhole announced its program in February, soon after it lost close to $323million in ETH to an hacker in one of the most significant exploits of DeFi protocols to date. It quickly replenished its blockchain bridge and offered $10 million to the hacker if they were returned.
Wormhole offers bounty rewards at different levels depending on how serious the threat is. A “low” level smart-contract bug can get a reward of $2,500 while a “critical”, a prize up to $10,000,000 can be won. This is the exact amount that Satya0x was awarded.
“Wormhole is sending out a clear message to the most skilled whitehats on this planet by offering this payout,” Immunefi stated.
According to Immunefi, no user funds were lost prior to the bug being reported. Wormhole was able quickly to respond, verifying the issue and fixing it on the same day (February 24, 2012).
satya0x shared a statement by the crypto platform stating that blockchain security challenges are an “existential danger” to its future.
“I am proud that I played a role [in mitigating] a serious vulnerability, and a systemic risk to the ecosystem,” said satya0x.
Wormhole was able to upgrade smart contracts. This bug was the root cause. It could allow hackers to gain control of these contracts. Immunefi gave a detailed explanation of the security flaw and the steps to fix it in a blog.
Satya0x also stated: “If it fails to recognize and aggressively decrease systemic risk; If we fail to provide transparency and tooling that users need to make informed decisions; and if simple mistakes are condemned while Total Value Loss is the only measure of success, we risk enabling the reemergence the very power structures we want to destroy.”