Blockchain builders need bug bounty programs: Immunefi Engineer

“Heads down, time to build” is a popular slogan used by blockchain builders when the market is down. Immunefi, a bug bounty platform that offers rewards for finding security holes in blockchain projects, ensures that developers are diligent about securing their projects.

Alejandro Muñoz-McDonald, a smart contract engineer at Immunefi, says he sees bug bounties becoming part of the core security model across Web3 platforms.

“I think a misunderstanding [is] that bug bounties are optional,” Muñoz-McDonald said Decrypt at this year’s Messari Mainnet. “Projects should be expected to have these programs.”

Last month, Framework Ventures led a $24 million Series A funding round for Immunefi. This follows an increase of 5.5 million dollars last autumn.

“I think we can look at Immunefi in five or seven years and think of it as one of the largest security providers in the Web3,” says Michael Anderson of Framework Ventures. Decrypt on Messari Mainnet.

Launched in December 2020, Immunefi offers bounty programs for ethical hackers – also known as whitehats – where security researchers can review code, expose vulnerabilities and be rewarded for their efforts.

“When Immunefi started, we were mostly concerned with EVM-based blockchains,” says Muñoz-McDonald. He explains that Immunefi has recently expanded beyond Ethereum Virtual Machines to include projects built on the Solana blockchain, with plans to include more blockchains in the future.

On its website, Immunefi says the platform “guards” over $25 billion in user funds across projects, including Synthetix, Chainlink, SushiSwap, PancakeSwap, Bancor, Cream Finance, Compound, Alchemix, Nexus Mutual and others.

“It’s really up to the project how they want to price the prizes,” says Muñoz-McDonald. “We encourage 10% of Total Value Locked (TVL).”

He says the prizes for Immunefi range in rewards from $1,000 to $10 million.

As Muñoz-McDonald explains, in addition to offering bounties, Immunefi aims to promote transparency by providing information about the bug and how developers fixed it, saying that the Web3 security and broader blockchain community has responded positively to the platform’s openness.

“Not only does it give people confidence in the project, it also helps more security researchers aboard the space and to educate people about what to look for,” he says.

Stay up to date on crypto news, get daily updates in your inbox.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *