DeFi receives largest reported bounty from white hat hacker

Coin telegraph spoke to the hacker to gain insights into the timeline of events, as well as the broader implications of the bounty programs, on the company's security landscape. DeFi.

allegedly BILT FINANCE, which is an automated market maker protocol (ADM) works with the strategy of improving return on Binance Smart Chain (BSC), that he paid the largest bonus in the history of decentralized finance (DeFi) to the white hat intruder avoid 10 dollars.

He discovered Alexander Shlindwin programmer white hat white hat, the vulnerability in the protocol BILT BINANCE This week, the team was informed.

For his efforts, he received Shelves Generous compensation of 1.05 Million dollars, most of which was facilitated (Million dollars) by imunify I gave him BILT FINANCE, with an additional amount of 50 Thousand dollars provided by the First Priority Program of Finance Smart Chain.

And imunify is one of the market leaders, in software security for cryptocurrency projects.

Since its inception, the platform has reportedly paid over three millions Dollars to white-hat hackers, who have successfully identified technical infrastructure flaws in smart contracts and crypto platforms.

The first priority is initiative BSC It was launched in July, to enhance the security of decentralized applications (DApp), within the platform's native ecosystem.

service reflects the structure imunify and provides an incentive fund of 10 Millions Dollar for bounty hunters blockchain who successfully contribute to avoiding security breaches via 100 DApps.

Tell Schlindwin Cointelegraph How to discover the vulnerability:

“I checked out the list of bug bounties on imunify BILT FINANCE as a next tool to work on.

While I was studying their smart contracts, I noticed a potential error in their internal bookkeeping, which keeps track of the funds deposited for each user. Playing with pen and paper gave me more confidence that I was wrong.

Continued by producing a true proof of concept [PoC] He undoubtedly confirmed its validity and economic damage.”

He said Shelves:

“The next step was to create an official report on imunify including PoCA comprehensive description of the exploitation.

Adding:

“I replied imunify Immediately upon the critical report, and within three minutes after submission, he was escalated to the belt team.

Soon, Bildt confirmed the authenticity of the report, began implementing a fix, and then patched the vulnerability.”

Although the company violations DeFi Security remains a prevalent concern, with some arguing that the nascent ecosystem will benefit from such incidents in the long run, as vulnerabilities are flagrantly highlighted.

The importance of reward programs in support of DeFi's anti-fracking ambitions:

He said Shelves:

“I am deeply convinced of the importance of rewards for errors and initiatives, such as bonus money.

Company security is made DeFi From multiple layers, from peer review and unit testing, to external audits and formal verification.

Bug bonuses are the last line of defense, should a problem creep through the upper layers, with the potential to prevent a devastating hack, seriously fix the problem instead, and compensate the researcher.”

The rewards for mistakes were in the company DeFi Mashhad is rare before existence imunify It was provided only by The best of the best .

That's why it's exciting to see hundreds of projects launching bug bounties nowadays, which will definitely lead to security advances DeFi The long-term.