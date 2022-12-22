Key Points:

Immunefi paid ethical hackers $52 million for discovering bugs in cryptocurrency projects.

The Immunefi’s highest reward ever awarded was $10 million for a Wormhole vulnerability.

In 2022, a year in which the value of cryptocurrency breaches exceeded $3 billion, Immunefi, a bug bounty platform with a focus on cryptocurrencies, rewarded ethical hackers more than $52 million for uncovering flaws in blockchain and cryptocurrency apps.

Decentralized apps’ vulnerabilities were rapidly being exploited by criminal actors in 2022, creating an opportunity for cryptocurrency bug bounty players like Immunefi. Such platforms compensate ‘white hat’ hackers for identifying and disclosing security flaws.

Immunefi has paid out $52 million to hackers this year, and the second-most popular platform, HackenProof, has paid out less than $850,000 since its inception in 2017.

The firm claims that web3 bug bounty payouts easily outpace those made by powerful IT companies engaged in the web2 market. The web3 sector is distinctive because coding flaws can directly lead to a loss of money. Its team noted that as a result, the incentives to abuse projects on web3 are much greater, partly because of the amount of cash kept in smart contracts.

The $10 million reward Immunefi gave out in 2022 was for a vulnerability found in the general cross-chain communications protocol Wormhole. A $6 million reward was also given by Immunefi for the discovery of a flaw in Aurora, an Ethereum scaling and bridging solution.

A $5,000 bounty payout for a critical vulnerability may work in the web2 world, for example, but it does not work in the web3 world. If the direct loss of funds for a web3 vulnerability could be up to $50 million, then it makes sense to offer a much larger bounty size to incentivize good behavior. Immunefi noted

Immunefi said that since its establishment in 2020, it had given out more than $65 million in awards for securing $25 billion in total worth.