By: Eliza Bennet
Blockchain security platform, Immunefi has launched a system named 'Vaults' for on-chain bug bounties. Under this new system, Web3 developers can escrow funds in an on-chain address and use them to reward white hat hackers who identify and report bugs. This system is expected to facilitate project developers to assert that they have dedicated sufficient funds for bounty payouts, fostering more top-tier bug reports.
Awarding 'bug bounties' is a common practice among software developers to encourage hackers to spot and report software vulnerabilities before they can be maliciously exploited. White hat hackers who opt to report these vulnerabilities in exchange for rewards as opposed to taking advantage of them for personal gain play a crucial role in enhancing software security.
Immunefi's new mechanism enables projects to deposit bug bounty funds into a Safe multisig smart contract, providing white hats with on-chain proof of fund availability. Upon bug report submission and confirmation by the project, funds can be released to the reporter's wallet. The launch of the Vault system saw notable participation from Ethereum infrastructure provider, SSV, which posted a $1-million deposit for its software bug bounties. Alongside, decentralized exchange Ref Finance has also adopted the new system.