Blockchain Builders Need Bug Bounty Programs: Immunefi Engineer

CN
Decrypt
Follow
2 years ago

"Heads down, time to build," is a popular slogan used by blockchain builders when the market is down. Immunefi, a bug bounty platform that offers rewards for finding security holes in blockchain projects, is making sure that builders are diligent about securing their projects.


Alejandro Muñoz-McDonald, a smart contracts engineer at Immunefi, says he sees bug bounties becoming a part of the core security model across Web3 platforms.


"I think one misconception [is] that bug bounties are optional," Muñoz-McDonald told Decrypt at this year's Messari Mainnet. "Projects should be expected to have these programs."


Last month, Framework Ventures led a $24 million Series A funding round for Immunefi. This follows a $5.5 million raise last fall.


"I think we can look at Immunefi in five or seven years and think of it as one of the largest security providers in Web3," Framework Ventures' Michael Anderson to Decrypt at Messari Mainnet.


Launched in December 2020, Immunefi offers bounty programs for ethical hackers—also known as whitehats—where security researchers can review code, disclose vulnerabilities, and get rewarded for their efforts.


"When Immunefi started, we were mostly concerned with EVM-based blockchains," Muñoz-McDonald says. He explains that Immunefi has recently expanded beyond Ethereum Virtual Machines to include projects built on the Solana blockchain, with plans to include additional blockchains in the future.


On its website, Immunefi says the platform "guards" over $25 billion in user funds across projects including Synthetix, Chainlink, SushiSwap, PancakeSwap, Bancor, Cream Finance, Compound, Alchemix, Nexus Mutual, and others.


"It's really up to the project how they want to price their bounties," Muñoz-McDonald says. "We encourage the 10% of Total Value Locked (TVL)."


He says bounties of Immunefi range in rewards from $1,000 to $10 million.


As Muñoz-McDonald explains, in addition to providing bounties, Immunefi aims to promote transparency by providing information on the bug and how developers fixed it, saying that the Web3 security and broader blockchain community have responded positively to the openness of the platform.


"Not only does that give people confidence in the project, it also helps onboard more security researchers into the space and to educate people on what things to look out for," he says.


免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。

Share To
APP

X

Telegram

Facebook

Reddit

CopyLink