Aurora Labs has made headlines by rewarding a white hat hacker $6 million for reporting a bug through its Immunefi platform. This is an unprecedented move in the crypto industry and could potentially set a new standard for how companies handle security vulnerabilities and bug reports.
The Bug Bounty Program
The award to the white hat hacker is part of Aurora Labs’ bug bounty program, which incentivizes individuals to find and report security vulnerabilities in its platform. By offering such a large sum, Aurora Labs is demonstrating its commitment to the security of its users’ assets and information.
A critical vulnerability was reported on the Aurora Engine, a platform built on the NEAR protocol and powered by the Ethereum Virtual Machine (EVM) environment. This is a place where users can transfer their ETH and ERC-20 tokens from the Ethereum mainnet to NEAR.
Fortunately, the bug was detected and patched before any harm could be done, thanks to the diligent efforts of the Immunefi bug bounty program.
According to Immunefi, the vulnerability was classified as an inflation bug, which could have resulted in the minting of new ETH and the theft of over 70,000 ETH, worth approximately $210 million. This alarming discovery was made in April 2022, and prompt action was taken to ensure the safety and security of the platform.
White Hat Hackers Earning Millions
This is not the first time a white hat hacker has been rewarded for finding a bug in the crypto industry. In 2019, the Ethereum Foundation rewarded a white hat hacker $50,000 for reporting a vulnerability in its network.
Similarly, Google has a well-established bug bounty program that has rewarded white hat hackers millions of dollars over the years.
The trend of rewarding white hat hackers is a positive development for the crypto industry, as it encourages individuals to find and report security vulnerabilities rather than exploit them for personal gain. This, in turn, helps to create a safer and more secure environment for users and their assets.
However, it is important to note that not all companies have established bug bounty programs, and some may not have the financial resources to reward hackers to the same extent as Aurora Labs. Nevertheless, this reward serves as a clear demonstration of the potential benefits for companies and their users to invest in security and bug bounty programs.
Aurora’s bug bounty program is still open and active on the platform of Immunefi. In addition to this, several other programs are also being offered by Immunefi. To date, the company has helped ethical hackers and security researchers earn an impressive amount of $40 million in rewards through its platform.
In the month of May, Immunefi proudly reported that one lucky white hat hacker received a $10 million payout through Wormhole, which is one of the programs available on the platform.
In conclusion, the $6 million reward from Aurora Labs to a white hat hacker is an unprecedented move in the crypto industry and could influence other companies to follow suit. The trend of rewarding white hat hackers for finding and reporting security vulnerabilities is a positive development for the industry and helps to create a safer and more secure environment for users and their assets.
This article first appeared on The block
Image Courtesy of Shutterstock